4177297b14
For reproducibility.
Command:
```shell
for file in .github/workflows/*.y*ml; do
npx pin-github-action --comment=' {ref}' "$file"
done
```
Then had to manually replace all the versions with accurate specifiers
(for example, "v4" → "v4.1.1" in case of `actions/checkout`).
25 lines
684 B
YAML
25 lines
684 B
YAML
name: "Label PR"
|
|
|
|
on:
|
|
pull_request_target:
|
|
types: [edited, opened, synchronize, reopened]
|
|
|
|
# WARNING:
|
|
# When extending this action, be aware that $GITHUB_TOKEN allows some write
|
|
# access to the GitHub API. This means that it should not evaluate user input in
|
|
# a way that allows code injection.
|
|
|
|
permissions:
|
|
contents: read
|
|
pull-requests: write
|
|
|
|
jobs:
|
|
labels:
|
|
runs-on: ubuntu-latest
|
|
if: "github.repository_owner == 'NixOS' && !contains(github.event.pull_request.title, '[skip treewide]')"
|
|
steps:
|
|
- uses: actions/labeler@ac9175f8a1f3625fd0d4fb234536d26811351594 # v4.3.0
|
|
with:
|
|
repo-token: ${{ secrets.GITHUB_TOKEN }}
|
|
sync-labels: true
|