Add an Ouranos Helper Bot for bumping the main branch version, Workflow cleanup, Address security warnings #130

	name: First Pull Request

	on:
	pull_request_target:
	types:
	- opened

	permissions:
	contents: read

	jobs:
	welcome:
	name: Welcome
	runs-on: ubuntu-latest
	permissions:
	contents: read
	pull-requests: write
	steps:
	- name: Harden Runner
	uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
	with:
	disable-sudo: true
	egress-policy: block
	allowed-endpoints: >
	api.github.com:443

	- uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
	with:
	script: \|
	// Get a list of all issues created by the PR opener
	// See: https://octokit.github.io/rest.js/#pagination
	const creator = context.payload.sender.login
	const opts = github.rest.issues.listForRepo.endpoint.merge({
	...context.issue,
	creator,
	state: 'all'
	})
	const issues = await github.paginate(opts)

	for (const issue of issues) {
	if (issue.number === context.issue.number) {
	continue
	}

	if (issue.pull_request) {
	return // Creator is already a contributor.
	}
	}

	await github.rest.issues.createComment({
	issue_number: context.issue.number,
	owner: context.repo.owner,
	repo: context.repo.repo,
	body: `Welcome, new contributor!

	It appears that this is your first Pull Request. To give credit where it's due, we ask that you add your information to the \`AUTHORS.rst\` and \`.zenodo.json\`:
	- [ ] The relevant author information has been added to \`AUTHORS.rst\` and \`.zenodo.json\`

	Please make sure you've read our [contributing guide](CONTRIBUTING.rst). We look forward to reviewing your Pull Request shortly ✨`
	})

Provide feedback