stefanbuck / github-issue-parser

MIT License

Releases can't be pinned to SHAs #23

Closed evverx closed 2 years ago

evverx commented 2 years ago

When the action is pinned to a full SHA of a release (as recommended in https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-third-party-actions) it fails with:

2022-06-23T14:25:16.5848216Z ##[group]Run stefanbuck/github-issue-parser@fb73b92b5c4d283c3e9a198f2bb7dbbf6cf87079
2022-06-23T14:25:16.5848597Z with:
2022-06-23T14:25:16.5848885Z   template-path: .github/ISSUE_TEMPLATE/bug_report.yml
2022-06-23T14:25:16.5849185Z ##[endgroup]
2022-06-23T14:25:16.5973472Z ##[error]File not found: '/home/runner/work/_actions/stefanbuck/github-issue-parser/fb73b92b5c4d283c3e9a198f2bb7dbbf6cf87079/dist/index.js'
2022-06-23T14:25:16.6046545Z Post job cleanup.

To get around it, it was pinned to https://github.com/stefanbuck/github-issue-parser/commit/fc06b2a0adc5ccb7702ab6b641fd8a742a5e9cc0. It kind of works, but it isn't compatible with Dependabot in the sense that it can't update the action automatically because it usually follows releases.

cc @jamacku

stefanbuck commented 2 years ago

Thanks for sharing. The release is mainly handled by https://github.com/semantic-release/semantic-release, which generates the release. However, the actual build is happening afterwards, which then results in this unpleasant state. I'll look into it.

stefanbuck commented 2 years ago

Will work on this as part of the upcoming v3 release

stefanbuck commented 2 years ago

Fixed in v2.0.4 and onwards. Thanks for making me aware of this issue.
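
The failure reported in this thread (a release commit that lacks the built `dist/index.js`) can be caught before a tag is published or a SHA is pinned. The following is an added example, not code from the thread or from the project: it reads the `runs:` section of an action manifest and reports declared entrypoint files that are missing from a checkout. The sample manifest, the function names and the directory layout are assumptions made for illustration.

```python
import re
import tempfile
from pathlib import Path

# Constructed sample manifest, not the project's real action.yml.
SAMPLE_ACTION_YML = """\
name: example-action
runs:
  using: node16
  main: dist/index.js
"""

def declared_entrypoints(action_yml_text):
    """Return {key: path} for runs.pre/main/post; line reader, not a YAML parser."""
    entries, using, in_runs = {}, "", False
    for line in action_yml_text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        if not line[0].isspace():  # a top-level key opens or closes `runs:`
            in_runs = line.split("#")[0].strip() == "runs:"
            continue
        m = re.match(r"\s+([\w-]+):\s*(.*?)\s*(?:#.*)?$", line) if in_runs else None
        if m:
            key, value = m.group(1), m.group(2).strip("'\"")
            if key == "using":
                using = value
            elif key in ("pre", "main", "post"):
                entries[key] = value
    # Docker and composite actions have no JavaScript entrypoint to check.
    return entries if using.startswith("node") else {}

def missing_entrypoints(checkout_dir):
    """List declared entrypoint files absent from a checkout of one commit."""
    root = Path(checkout_dir)
    manifests = [root / n for n in ("action.yml", "action.yaml") if (root / n).is_file()]
    if not manifests:
        return ["action.yml"]
    entries = declared_entrypoints(manifests[0].read_text(encoding="utf-8"))
    return sorted(p for p in entries.values() if not (root / p).is_file())

def demo():
    """Check a constructed release commit before and after the build output lands."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "action.yml").write_text(SAMPLE_ACTION_YML, encoding="utf-8")
        before = missing_entrypoints(root)
        (root / "dist").mkdir()
        (root / "dist" / "index.js").write_text("// build output\n", encoding="utf-8")
        return before, missing_entrypoints(root)
```

Run `missing_entrypoints` against a checkout of the exact commit a release tag points to; a non-empty result means that SHA cannot be pinned as is.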