From b960453f3f5d11972695cc46b0f529fe478182e1 Mon Sep 17 00:00:00 2001
From: Paul McCann <ismisepaul@gmail.com>
Date: Thu, 20 Mar 2025 09:54:06 +0000
Subject: [PATCH] Update labeler.yml

Pinning action to a full length commit SHA [see](https://docs.github.com/en/actions/security-for-github-actions/security-guides/security-hardening-for-github-actions#using-third-party-actions)
---
 .github/workflows/labeler.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/labeler.yml b/.github/workflows/labeler.yml
index 61a81a005f..0f675d6a33 100644
--- a/.github/workflows/labeler.yml
+++ b/.github/workflows/labeler.yml
@@ -58,7 +58,7 @@ jobs:
           })
     - name: Add comment for community PR
       if: contains(steps.is_elastic_member.outputs.result, 'false') && github.actor != 'dependabot[bot]' && github.actor != 'elastic-renovate-prod[bot]' && github.actor != 'elastic-observability-automation[bot]'
-      uses: wow-actions/auto-comment@v1
+      uses: wow-actions/auto-comment@2fc064c21cfb2505de3c5c10e1473b8eb7beca1a  # v1.1.2
       with:
         GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         pullRequestOpened: |