GHA: Use version instead of SHA for actions

It's nearly impossible for humans to tell semantic-version differences by looking at a commit sha. Since all the actions in question come from github, there's little security/safety benefit to using SHAs. Signed-off-by: Chris Evich <cevich@redhat.com>
2025-07-15 03:02:52 +08:00 · 2023-04-10 14:45:36 -04:00
parent 1f2775cbdc
commit d53871cf12
3 changed files with 3 additions and 3 deletions
--- a/.github/workflows/issue-labeler.yml
+++ b/.github/workflows/issue-labeler.yml
@ -13,7 +13,7 @@ jobs:
      issues: write  # for github/issue-labeler to create or remove labels
    runs-on: ubuntu-latest
    steps:
-    - uses: github/issue-labeler@de16e742018d174ccf61d287f6ed31eb48faa64f # v2.6
+    - uses: github/issue-labeler@v3.1
      with:
        repo-token: "${{ secrets.GITHUB_TOKEN }}"
        configuration-path: .github/issue-labeler.yml
--- a/.github/workflows/rerun_cirrus_cron.yml
+++ b/.github/workflows/rerun_cirrus_cron.yml
@ -59,7 +59,7 @@ jobs:
                SECRET_CIRRUS_API_KEY: ${{ secrets.SECRET_CIRRUS_API_KEY }}
              run: './.github/actions/check_cirrus_cron/rerun_failed_tasks.sh'
-            - uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3
+            - uses: actions/upload-artifact@v3
              with:
                  name: ${{ github.job }}_artifacts
                  path: artifacts/*
--- a/.github/workflows/stale.yml
+++ b/.github/workflows/stale.yml
@ -19,7 +19,7 @@ jobs:
    runs-on: ubuntu-latest
    steps:
-    - uses: actions/stale@1160a2240286f5da8ec72b1c0816ce2481aabf84 # v8
+    - uses: actions/stale@v8
      with:
        repo-token: ${{ secrets.GITHUB_TOKEN }}
        stale-issue-message: 'A friendly reminder that this issue had no activity for 30 days.'