...By default, it fetches only one commit for the ref or SHA that triggered the workflow, but it can also fetch full branch and tag history. The action supports checking out different repositories, private repositories, pull request commits, submodules, Git LFS files, sparse paths, and custom paths. It can use Git credentials, SSH keys, safe directory configuration, and GitHub Enterprise Server URLs. Recent versions also focus on stronger credential handling and safer behavior around fork pull request code in trusted workflow contexts.