build(deps): bump flask-cors from 4.0.1 to 5.0.0 #194

	name: Add `external` label to issues and PRs created by external users

	on:
	issues:
	types:
	- opened
	pull_request_target:
	types:
	- opened

	# No permission for GITHUB_TOKEN by default; the minimal required set of permissions should be granted in each job.
	permissions: {}

	env:
	LABEL: external

	jobs:
	check-user:
	runs-on: ubuntu-22.04

	outputs:
	is-member: ${{ steps.check-user.outputs.is-member }}

	steps:
	- name: Check whether `${{ github.actor }}` is a member of `${{ github.repository_owner }}`
	id: check-user
	env:
	GH_TOKEN: ${{ secrets.CI_ACCESS_TOKEN }}
	run: \|
	if gh api -H "Accept: application/vnd.github+json" -H "X-GitHub-Api-Version: 2022-11-28" "/orgs/${GITHUB_REPOSITORY_OWNER}/members/${GITHUB_ACTOR}"; then
	is_member=true
	else
	is_member=false
	fi

	echo "is-member=${is_member}" \| tee -a ${GITHUB_OUTPUT}

	add-label:
	if: needs.check-user.outputs.is-member == 'false'
	needs: [ check-user ]

	runs-on: ubuntu-22.04
	permissions:
	pull-requests: write # for `gh pr edit`
	issues: write # for `gh issue edit`

	steps:
	- name: Add `${{ env.LABEL }}` label
	env:
	GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	ITEM_NUMBER: ${{ github.event[github.event_name == 'pull_request_target' && 'pull_request' \|\| 'issue'].number }}
	GH_CLI_COMMAND: ${{ github.event_name == 'pull_request_target' && 'pr' \|\| 'issue' }}
	run: \|
	gh ${GH_CLI_COMMAND} --repo ${GITHUB_REPOSITORY} edit --add-label=${LABEL} ${ITEM_NUMBER}

Provide feedback