From 2f878306398058fa3d61c225fca94f7827535e7b Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sun, 19 May 2024 00:36:21 +0000 Subject: [PATCH] chore(deps): update step-security/harden-runner action to v2.7.1 (#223) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [step-security/harden-runner](https://togithub.com/step-security/harden-runner) | action | patch | `v2.7.0` -> `v2.7.1` | --- ### Release Notes
step-security/harden-runner (step-security/harden-runner) ### [`v2.7.1`](https://togithub.com/step-security/harden-runner/releases/tag/v2.7.1) [Compare Source](https://togithub.com/step-security/harden-runner/compare/v2.7.0...v2.7.1) ##### What's Changed Release v2.7.1 by [@​varunsh-coder](https://togithub.com/varunsh-coder), [@​h0x0er](https://togithub.com/h0x0er), [@​ashishkurmi](https://togithub.com/ashishkurmi) in [https://github.com/step-security/harden-runner/pull/397](https://togithub.com/step-security/harden-runner/pull/397) This release: - Improves the capability to [inspect outbound HTTPS traffic](https://www.stepsecurity.io/blog/monitor-outbound-https-requests-from-github-actions-runners) on GitHub-hosted and self-hosted VM runners - Updates README to add link to [case study video](https://www.youtube.com/watch?v=Yz72qAOrN9s) on how Harden-Runner detected a supply chain attack on a Google open-source project - Addresses minor bugs **Full Changelog**: https://github.com/step-security/harden-runner/compare/v2.7.0...v2.7.1
--- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/Tuhura-Tech/wiki). Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- .github/workflows/lint-pr.yml | 2 +- .github/workflows/scoreboard-security.yml | 2 +- .github/workflows/trufflehog.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/lint-pr.yml b/.github/workflows/lint-pr.yml index edbb4420..4cdcbad1 100644 --- a/.github/workflows/lint-pr.yml +++ b/.github/workflows/lint-pr.yml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 + uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1 with: disable-sudo: true disable-file-monitoring: true diff --git a/.github/workflows/scoreboard-security.yml b/.github/workflows/scoreboard-security.yml index fa079740..59437465 100644 --- a/.github/workflows/scoreboard-security.yml +++ b/.github/workflows/scoreboard-security.yml @@ -23,7 +23,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 + uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1 with: disable-sudo: true egress-policy: block diff --git a/.github/workflows/trufflehog.yml b/.github/workflows/trufflehog.yml index 0ebc2da8..0341e696 100644 --- a/.github/workflows/trufflehog.yml +++ b/.github/workflows/trufflehog.yml @@ -10,7 +10,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 + uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1 with: disable-sudo: true egress-policy: audit