Update github actions version comments #747

@JeyJeyGao

Description

What is not working as expected?

The version comment styles are not consistent.

- name: "Checkout code"
  uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # tag=3.5.3
  with:
    persist-credentials: false
- name: "Run analysis"
  uses: ossf/scorecard-action@08b4669551908b1024bb425080c797723083c031 # tag=v2.2.0
  with:
    results_file: results.sarif
    results_format: sarif
    repo_token: ${{ secrets.SCORECARD_READ_TOKEN }}
    publish_results: true
- name: "Upload artifact"
  uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # tag=v3.1.2
  with:
    name: SARIF file
    path: results.sarif
    retention-days: 5
- name: "Upload to code-scanning"
  uses: github/codeql-action/upload-sarif@489225d82a57396c6f426a40e66d461b16b3461d # v2.20.4
  with:
    sarif_file: results.sarif

Also, the license checker is not pinned to a commit.
https://github.com/notaryproject/notation/blob/0cc39b31b92b86150590b208a3caafbf1e09ac09/.github/workflows/license-checker.yml#L26C1-L28C38

What did you expect to happen?

We should update the version comments to use the same style, like v.*
Also, update license-checker.yml to use a pinned commit with a version comment after notation-core-go releases a new version.

How can we reproduce it?

See the file in the repo.

Describe your environment

GitHub repo.

What is the version of your Notation CLI or Notation Library?

Notation v1.0.0-rc.7
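
The check this issue asks for can be automated. The following is an added example, not part of the original issue or of the notation repository: a small linter that flags `uses:` lines that are not pinned to a full commit SHA or whose trailing comment is not a bare `vX.Y.Z` tag. The comment convention encoded in `VERSION_COMMENT_RE` and the `example-org/example-action@main` line are assumptions made for illustration.

```python
import re

# "uses: owner/repo[/path]@ref  # optional comment" on a workflow step line.
USES_RE = re.compile(
    r"^\s*(?:-\s*)?uses:\s*(?P<action>[^@\s#]+)@(?P<ref>[^\s#]+)"
    r"\s*(?:#\s*(?P<comment>.*\S))?\s*$"
)
FULL_SHA_RE = re.compile(r"[0-9a-f]{40}")
# Assumed house style: the comment is just the release tag, e.g. "v2.20.4".
VERSION_COMMENT_RE = re.compile(r"v\d+(?:\.\d+){0,2}(?:-[0-9A-Za-z.]+)?")


def lint_workflow(text):
    """Return (line_number, action, problem) for every nonconforming step."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        m = USES_RE.match(line)
        if m is None or m["action"].startswith("docker:"):
            continue  # not an action reference, or a container image
        action, ref, comment = m["action"], m["ref"], m["comment"]
        if not FULL_SHA_RE.fullmatch(ref):
            # A tag or branch can be moved to different code after review.
            findings.append((lineno, action, "not pinned to a full commit SHA"))
        elif comment is None:
            findings.append((lineno, action, "pinned but no version comment"))
        elif not VERSION_COMMENT_RE.fullmatch(comment):
            findings.append((lineno, action, f"comment style: {comment!r}"))
    return findings


# Constructed input: the four `uses:` lines quoted in the issue, plus one
# hypothetical unpinned reference (example-org/example-action is made up).
SAMPLE = """\
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # tag=3.5.3
uses: ossf/scorecard-action@08b4669551908b1024bb425080c797723083c031 # tag=v2.2.0
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # tag=v3.1.2
uses: github/codeql-action/upload-sarif@489225d82a57396c6f426a40e66d461b16b3461d # v2.20.4
uses: example-org/example-action@main
"""

if __name__ == "__main__":
    for lineno, action, problem in lint_workflow(SAMPLE):
        print(f"line {lineno}: {action}: {problem}")
```

Run over the files under `.github/workflows/` in CI, a non-empty result can fail the build so that new unpinned or inconsistently commented references are caught at review time.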

Labels

cli: Issue or PR released to Notation CLI

Status

Done
