[6.0.x] Removed unused code checkout step from labels.yml GitHub Action.

Backport of f0b75f46fd0ee98c10887b3c5dc4593d2bccf821 from main.
author: Jacob Walls <jacobtylerwalls@gmail.com> 2026-04-10 08:21:46 -0400
committer: Natalia <124304+nessita@users.noreply.github.com> 2026-04-13 13:06:05 -0300
commit: 9799d2adf16d591432c70775c41c42890f4fc8c6 (patch)
tree: 64521331d7f60306cac1091beb82ae896d4b69d5
parent: 5d0fc131538a86bc5898c850b6e46122d2f04c8b (diff)
2 files changed, 2 insertions, 4 deletions
diff --git a/.github/workflows/labels.yml b/.github/workflows/labels.yml
index 807563322f..3042f4d228 100644
--- a/.github/workflows/labels.yml
+++ b/.github/workflows/labels.yml
@@ -21,10 +21,6 @@ jobs:
     runs-on: ubuntu-latest
     timeout-minutes: 60
     steps:
-      - uses: actions/checkout@v5
-        with:
-          persist-credentials: false
-
       - name: "Check title and manage labels"
         uses: actions/github-script@v8
         with:
diff --git a/zizmor.yml b/zizmor.yml
index 76e53f73cc..5bf79eb8cc 100644
--- a/zizmor.yml
+++ b/zizmor.yml
@@ -1,5 +1,7 @@
 rules:
   dangerous-triggers:
+    # Before ignoring a file, assume all inputs are malicious, assign explicit
+    # minimal permissions, and do not use actions/checkout.
     ignore:
       - labels.yml
       - new_contributor_pr.yml
author	Jacob Walls <jacobtylerwalls@gmail.com>	2026-04-10 08:21:46 -0400
committer	Natalia <124304+nessita@users.noreply.github.com>	2026-04-13 13:06:05 -0300
commit	9799d2adf16d591432c70775c41c42890f4fc8c6 (patch)
tree	64521331d7f60306cac1091beb82ae896d4b69d5
parent	5d0fc131538a86bc5898c850b6e46122d2f04c8b (diff)