chore: pin github actions to specific SHAs to mitigate supply chain attacks (#442)

.github/workflows/issue-manager.yml

@@ -18,7 +18,7 @@ jobs:
   issue-manager:
     runs-on: ubuntu-latest
     steps:
-      - uses: tiangolo/issue-manager@0.5.1
+      - uses: tiangolo/issue-manager@f94f76c8fa2c48bb2982a099c29a0caadb92917e # 0.5.1
         with:
           token: ${{ secrets.GITHUB_TOKEN }}
           config: >