$ git clone -n https://src.fedoraproject.org/rpms/golang-github-task.git /var/lib/mock/f42-build-867041-174622/root/chroot_tmpdir/scmroot/golang-github-task
Cloning into '/var/lib/mock/f42-build-867041-174622/root/chroot_tmpdir/scmroot/golang-github-task'...
$ git fetch origin eb9871ceff06a0716e83802b46eb35ed34d0ae46:KOJI_FETCH_HEAD
From https://src.fedoraproject.org/rpms/golang-github-task
 * [new ref]         eb9871ceff06a0716e83802b46eb35ed34d0ae46 -> KOJI_FETCH_HEAD
$ git reset --hard KOJI_FETCH_HEAD
HEAD is now at eb9871c update to v3.40.1 to address CVE-2023-46402, close rhbz#2330797