Pin GitHub Actions workflow references to commit SHAs (actions/stale, checkout, setup-python)
AI Impact Summary
The workflow changes replace mutable action references with pinned commit SHAs for actions/stale, actions/checkout, and actions/setup-python. This locks the workflow behavior to a specific commit, improving reproducibility and auditability, but at the cost of needing manual maintenance to pick up security fixes or bug fixes in those actions. Teams will reduce CI drift and unexpected breaks from upstream updates, but must implement a cadence to refresh pins and validate compatibility when upstream changes are released.
Affected Systems
- Date: not specified
- Change type: capability
- Severity: medium