nixpkgs/.github/workflows/labels.yml
Victor Engmark 4177297b14 ci: pin third party actions
For reproducibility.

Command:

```shell
for file in .github/workflows/*.y*ml; do
    npx pin-github-action --comment=' {ref}' "$file"
done
```

Then had to manually replace all the versions with accurate specifiers
(for example, "v4" → "v4.1.1" in case of `actions/checkout`).
2023-11-29 09:51:22 +01:00

24 lines
684 B
YAML

name: "Label PR"
on:
pull_request_target:
types: [edited, opened, synchronize, reopened]
# WARNING:
# When extending this action, be aware that $GITHUB_TOKEN allows some write
# access to the GitHub API. This means that it should not evaluate user input in
# a way that allows code injection.
permissions:
contents: read
pull-requests: write
jobs:
labels:
runs-on: ubuntu-latest
if: "github.repository_owner == 'NixOS' && !contains(github.event.pull_request.title, '[skip treewide]')"
steps:
- uses: actions/labeler@ac9175f8a1f3625fd0d4fb234536d26811351594 # v4.3.0
with:
repo-token: ${{ secrets.GITHUB_TOKEN }}
sync-labels: true