Merge 14f3cf06db into 85e6279cec

* Update README.md

* Update README.md

Co-authored-by: Josh Gross <joshmgross@github.com>

---------

Co-authored-by: Josh Gross <joshmgross@github.com>

README.md

@@ -216,6 +216,8 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
 
 ## Checkout multiple repos (nested)
 
+Note: the checkout order must be primary _then_ secondary repo checkout.
+
 ```yaml
 - name: Checkout
   uses: actions/checkout@v4
@@ -230,6 +232,8 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
 
 ## Checkout multiple repos (private)
 
+Note: the checkout order must be primary _then_ secondary repo checkout.
+
 ```yaml
 - name: Checkout
   uses: actions/checkout@v4
@@ -311,8 +315,17 @@ jobs:
           git commit -m "generated"
           git push
 ```
+
 *NOTE:* The user email is `{user.id}+{user.login}@users.noreply.github.com`. See users API: https://api.github.com/users/github-actions%5Bbot%5D
 
+# Recommended permissions
+
+When using the `checkout` action in your GitHub Actions workflow, it is recommended to set the following `GITHUB_TOKEN` permissions to ensure proper functionality, unless alternative auth is provided via the `token` or `ssh-key` inputs:
+
+```yaml
+permissions:
+  contents: read
+```
 
 # License