Use commit hash for dependabot-auto-approve action

Replace version tag with commit hash for better security and
reproducibility in GitHub Actions workflow.

Signed-off-by: Mathias L. Baumann <[email protected]>

Author: Marenz

.github/workflows/auto-dependabot.yaml

@@ -10,7 +10,7 @@ jobs:
     runs-on: ubuntu-latest
     if: github.actor == 'dependabot[bot]'
     steps:
-      - uses: frequenz-floss/dependabot-auto-approve@v1
+      - uses: frequenz-floss/dependabot-auto-approve@adc896110810a21178b68f82d4ecfc2f6e05fa67 # v1
         with:
           dependency-type: 'all'
           auto-merge: 'true'