From c254a57593ee33ad9c015e46956912b79142e9de Mon Sep 17 00:00:00 2001
From: xchapter7x
Date: Thu, 30 Apr 2020 16:28:13 -0400
Subject: [PATCH] add comment calling out need to check if we change version if we are to bump this version then we should re-evaluate if there are any leaks or exploits in the actions implementation https://github.com/spf13/cobra/pull/1097\#issuecomment-620877596
---
 .github/workflows/periodic-labeler.yml | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/.github/workflows/periodic-labeler.yml b/.github/workflows/periodic-labeler.yml
index 147743d4..dfbb8e48 100644
--- a/.github/workflows/periodic-labeler.yml
+++ b/.github/workflows/periodic-labeler.yml
@@ -7,6 +7,9 @@ jobs:
 labeler:
 runs-on: ubuntu-latest
 steps:
+ # if we are to change the labeler version from v0.0.2
+ # we must review the code for that version
+ # to make sure there are no leaks or exploits
 - uses: paulfantom/periodic-labeler@v0.0.2
 env:
 GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
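Review bot: The new comment assumes `v0.0.2` will always be the code that was reviewed, but the `uses:` line pins a tag, and a tag in a third-party action repository can be moved to another commit by its owner. If that happened, the job would run unreviewed code with `GITHUB_TOKEN` in its environment and nothing in this file would change to prompt a re-review. Pinning to the full commit SHA that was reviewed, with the tag as a trailing comment, makes the review binding: `- uses: paulfantom/periodic-labeler@<full-commit-sha-reviewed-for-v0.0.2>  # v0.0.2`. The added comment could then read `# pinned to the reviewed commit; re-review the action's code before changing this SHA`. The rest of the workflow is outside the hunk, so if the token's scope is not already limited there, a job-level `permissions:` block restricted to what labelling needs would limit the impact of a compromised action.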