Update to node20

action.yml

@@ -33,7 +33,7 @@ branding:
   icon: "check-square"
   color: "green"
 runs:
-  using: "node16"
+  using: "node20"
   pre: "dist/pre/index.js"
   main: "dist/index.js"
   post: "dist/post/index.js"

package.json

@@ -1,6 +1,6 @@
 {
   "name": "step-security-harden-runner",
-  "version": "2.6.1",
+  "version": "2.7.0",
   "description": "Security agent for GitHub-hosted runner: block egress traffic & detect code overwrite to prevent breaches",
   "main": "index.js",
   "scripts": {

src/setup.ts

@@ -266,6 +266,8 @@ import { isGithubHosted, isTLSEnabled } from "./tls-inspect";
   } catch (error) {
     core.setFailed(error.message);
   }
+  // see https://github.com/ruby/setup-ruby/issues/543
+  process.exit(0);
 })();
 
 export function sleep(ms) {

src/tls-inspect.ts

@@ -5,6 +5,7 @@ import * as core from "@actions/core";
 export async function isTLSEnabled(owner: string): Promise<boolean> {
   let tlsStatusEndpoint = `${STEPSECURITY_API_URL}/github/${owner}/actions/tls-inspection-status`;
   let httpClient = new HttpClient();
+  httpClient.requestOptions = { socketTimeout: 3 * 1000 };
   core.info(`[!] Checking TLS_STATUS: ${owner}`);
   let isEnabled = false;
   try {