From 9973777dd488cdaff1ceaf70b5257cd04d02a30b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 20 Jun 2023 23:58:50 +0000 Subject: [PATCH] Bump step-security/harden-runner from 2.4.0 to 2.4.1 Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.4.0 to 2.4.1. - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](https://github.com/step-security/harden-runner/compare/128a63446a954579617e875aaab7d2978154e969...55d479fb1c5bcad5a4f9099a5d9f37c8857b2845) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- .github/workflows/canary.yml | 2 +- .github/workflows/code-review.yml | 2 +- .github/workflows/codeql-analysis.yml | 2 +- .github/workflows/recurring-int-tests.yml | 2 +- .github/workflows/release.yml | 2 +- .github/workflows/test.yml | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/canary.yml b/.github/workflows/canary.yml index 6a22cbf6..b6e891f1 100644 --- a/.github/workflows/canary.yml +++ b/.github/workflows/canary.yml @@ -22,7 +22,7 @@ jobs: permissions: contents: write steps: - - uses: step-security/harden-runner@128a63446a954579617e875aaab7d2978154e969 # v1 + - uses: step-security/harden-runner@55d479fb1c5bcad5a4f9099a5d9f37c8857b2845 # v1 with: allowed-endpoints: api.github.com:443 diff --git a/.github/workflows/code-review.yml b/.github/workflows/code-review.yml index c40f9f80..f5880d60 100644 --- a/.github/workflows/code-review.yml +++ b/.github/workflows/code-review.yml @@ -11,7 +11,7 @@ jobs: pull-requests: read steps: - name: Harden Runner - uses: step-security/harden-runner@128a63446a954579617e875aaab7d2978154e969 # v2.4.0 + uses: step-security/harden-runner@55d479fb1c5bcad5a4f9099a5d9f37c8857b2845 # v2.4.1 with: disable-sudo: true egress-policy: block diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 13ab14f2..ec6c4735 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -41,7 +41,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@128a63446a954579617e875aaab7d2978154e969 + uses: step-security/harden-runner@55d479fb1c5bcad5a4f9099a5d9f37c8857b2845 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs diff --git a/.github/workflows/recurring-int-tests.yml b/.github/workflows/recurring-int-tests.yml index c1949e87..ae746a00 100644 --- a/.github/workflows/recurring-int-tests.yml +++ b/.github/workflows/recurring-int-tests.yml @@ -13,7 +13,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@128a63446a954579617e875aaab7d2978154e969 + uses: step-security/harden-runner@55d479fb1c5bcad5a4f9099a5d9f37c8857b2845 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index f8e75b72..5a49fcf0 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -25,7 +25,7 @@ jobs: permissions: contents: write steps: - - uses: step-security/harden-runner@128a63446a954579617e875aaab7d2978154e969 + - uses: step-security/harden-runner@55d479fb1c5bcad5a4f9099a5d9f37c8857b2845 with: allowed-endpoints: api.github.com:443 diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index ee67059f..8b9edfd0 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@128a63446a954579617e875aaab7d2978154e969 # v2.4.0 + uses: step-security/harden-runner@55d479fb1c5bcad5a4f9099a5d9f37c8857b2845 # v2.4.1 with: disable-sudo: true egress-policy: block