Bump step-security/harden-runner from 2.7.0 to 2.7.1

Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.7.0 to 2.7.1. - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](step-security/harden-runner@63c24ba...a4aa98b) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
felddy · Apr 30, 2024 · 53aa0c7 · 53aa0c7
1 parent 328f71a
commit 53aa0c7
Show file tree

Hide file tree

Showing 14 changed files with 14 additions and 14 deletions.
diff --git a/.github/workflows/_build.yml b/.github/workflows/_build.yml
@@ -106,7 +106,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142  # tag=v2.7.0
+        uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4  # tag=v2.7.1
         with:
           egress-policy: block
 

diff --git a/.github/workflows/_dependency-review.yml b/.github/workflows/_dependency-review.yml
@@ -12,7 +12,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142  # tag=v2.7.0
+        uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4  # tag=v2.7.1
         with:
           disable-sudo: true
           egress-policy: block

diff --git a/.github/workflows/_labels.yml b/.github/workflows/_labels.yml
@@ -20,7 +20,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142  # tag=v2.7.0
+        uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4  # tag=v2.7.1
         with:
           egress-policy: block
           allowed-endpoints: >

diff --git a/.github/workflows/_scorecards.yml b/.github/workflows/_scorecards.yml
@@ -29,7 +29,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142  # tag=v2.7.0
+        uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4  # tag=v2.7.1
         with:
           disable-sudo: true
           egress-policy: block

diff --git a/.github/workflows/_stale-issues.yml b/.github/workflows/_stale-issues.yml
@@ -14,7 +14,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142  # tag=v2.7.0
+        uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4  # tag=v2.7.1
         with:
           disable-sudo: true
           egress-policy: block

diff --git a/.github/workflows/common-lint.yml b/.github/workflows/common-lint.yml
@@ -50,7 +50,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142  # tag=v2.7.0
+        uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4  # tag=v2.7.1
         with:
           disable-sudo: true
           egress-policy: block

diff --git a/.github/workflows/csv-to-json.yml b/.github/workflows/csv-to-json.yml
@@ -23,7 +23,7 @@ jobs:
       json: ${{ steps.csv-to-json.outputs.json }}
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142  # tag=v2.7.0
+        uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4  # tag=v2.7.1
         with:
           egress-policy: block
           allowed-endpoints: >

diff --git a/.github/workflows/diagnostics.yml b/.github/workflows/diagnostics.yml
@@ -15,7 +15,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142  # tag=v2.7.0
+        uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4  # tag=v2.7.1
         with:
           egress-policy: block
           allowed-endpoints: >

diff --git a/.github/workflows/docker-build-image.yml b/.github/workflows/docker-build-image.yml
@@ -156,7 +156,7 @@ jobs:
       image_archive_name: ${{ steps.check_image_archive_key.outputs.file_name }}
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142  # tag=v2.7.0
+        uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4  # tag=v2.7.1
         with:
           disable-sudo: true
           egress-policy: audit

diff --git a/.github/workflows/docker-metadata.yml b/.github/workflows/docker-metadata.yml
@@ -38,7 +38,7 @@ jobs:
       tags: ${{ steps.prep.outputs.tags }}
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142  # tag=v2.7.0
+        uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4  # tag=v2.7.1
         with:
           egress-policy: block
           allowed-endpoints: >

diff --git a/.github/workflows/docker-multi-arch-push.yml b/.github/workflows/docker-multi-arch-push.yml
@@ -36,7 +36,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142  # tag=v2.7.0
+        uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4  # tag=v2.7.1
         with:
           allowed-endpoints: >
             auth.docker.io:443

diff --git a/.github/workflows/docker-publish-description.yml b/.github/workflows/docker-publish-description.yml
@@ -31,7 +31,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142  # tag=v2.7.0
+        uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4  # tag=v2.7.1
         with:
           egress-policy: audit  # TODO: change to 'egress-policy: block' after couple of runs
 

diff --git a/.github/workflows/docker-pytest-image.yml b/.github/workflows/docker-pytest-image.yml
@@ -65,7 +65,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142  # tag=v2.7.0
+        uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4  # tag=v2.7.1
         with:
           egress-policy: block
           allowed-endpoints: >

diff --git a/.github/workflows/sbom-artifact.yml b/.github/workflows/sbom-artifact.yml
@@ -44,7 +44,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142  # tag=v2.7.0
+        uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4  # tag=v2.7.1
         with:
           disable-sudo: true
           egress-policy: audit