github-actions[bot]
commented
2 years ago 👋 Thanks for reporting!
Open akulpillai opened 2 years ago
github-actions[bot]
commented
2 years ago 👋 Thanks for reporting!
The workflow remove-labels.yml is referencing action mondeja/remove-labels-gh-action using references v1.0.0. However this reference is missing the commit 5abe631a9c2bef28782a90e9f44938a75ee9f1d1 which may contain fix to the some vulnerability. The vulnerability fix that is missing by actions version could be related to: (1) CVE fix (2) upgrade of vulnerable dependency (3) fix to secret leak and others. Please consider to update the reference to the action.