From 900f5abb2bf10154c65475cc583d140f1277a7f0 Mon Sep 17 00:00:00 2001
From: Kefu Chai <kchai@redhat.com>
Date: Tue, 9 Mar 2021 02:26:34 +0800
Subject: [PATCH] .github/workflows: use @{sha1} for actions

more secure this way. see also https://julienrenaux.fr/2019/12/20/github-actions-security-risk/

point the sha1 to

* labeler@v3
* milestone@main HEAD

Signed-off-by: Kefu Chai <kchai@redhat.com>
(cherry picked from commit 79e8038046092053b0c0b120e0d7ca07a33a1c00)
---
 .github/workflows/labeler.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/labeler.yml b/.github/workflows/labeler.yml
index c39b24c732463..c7cce97b6f027 100644
--- a/.github/workflows/labeler.yml
+++ b/.github/workflows/labeler.yml
@@ -5,11 +5,11 @@ jobs:
   pr-triage:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/labeler@main
+      - uses: actions/labeler@9794b1493b6f1fa7b006c5f8635a19c76c98be95
         with:
           sync-labels: ''
           repo-token: "${{ secrets.GITHUB_TOKEN }}"
-      - uses: iyu/actions-milestone@v1
+      - uses: iyu/actions-milestone@9aa2197e1bda6cf71541d1bf6fa4f73edc543991
         with:
           configuration-path: .github/milestone.yml
           repo-token: "${{ secrets.GITHUB_TOKEN }}"
-- 
2.39.5