From 3a8a04e5adbc81c4492cfde674ce4fece5327ba8 Mon Sep 17 00:00:00 2001
From: "James M. Greene" <JamesMGreene@github.com>
Date: Mon, 17 Apr 2023 23:29:20 -0500
Subject: [PATCH] Pin release-drafter action usage since we cannot trust
 outside orgs

---
 .github/workflows/draft-release.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/draft-release.yml b/.github/workflows/draft-release.yml
index 4f5101c..4ce056f 100644
--- a/.github/workflows/draft-release.yml
+++ b/.github/workflows/draft-release.yml
@@ -11,6 +11,6 @@ jobs:
   draft-release:
     runs-on: ubuntu-latest
     steps:
-      - uses: release-drafter/release-drafter@v5
+      - uses: release-drafter/release-drafter@569eb7ee3a85817ab916c8f8ff03a5bd96c9c83e # v5.23.0
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}