Merge pull request #188 from step-security/dependabot/github_actions/step-security/harden-runner-1.5.0

Bump step-security/harden-runner from 1.4.5 to 1.5.0
2026-06-08 18:17:06 +00:00 · 2022-09-29 23:57:23 -07:00 · 2022-09-29 23:57:23 -07:00 · 6f6b0e0d2a
commit 6f6b0e0d2a
parent b8a619fa13 1fae6dfd7b
4 changed files with 4 additions and 4 deletions
--- a/.github/workflows/canary.yml
+++ b/.github/workflows/canary.yml
@ -22,7 +22,7 @@ jobs:
    permissions:
      contents: write
    steps:
-    - uses: step-security/harden-runner@dd2c410b088af7c0dc8046f3ac9a8f4148492a95 # v1
+    - uses: step-security/harden-runner@2e205a28d0e1da00c5f53b161f4067b052c61f34 # v1
      with:
        allowed-endpoints: 
          api.github.com:443
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@ -41,7 +41,7 @@ jobs:

    steps:
    - name: Harden Runner
-      uses: step-security/harden-runner@dd2c410b088af7c0dc8046f3ac9a8f4148492a95
+      uses: step-security/harden-runner@2e205a28d0e1da00c5f53b161f4067b052c61f34
      with:
        egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs

--- a/.github/workflows/recurring-int-tests.yml
+++ b/.github/workflows/recurring-int-tests.yml
@ -13,7 +13,7 @@ jobs:
    runs-on: ubuntu-latest
    steps:
    - name: Harden Runner
-      uses: step-security/harden-runner@dd2c410b088af7c0dc8046f3ac9a8f4148492a95
+      uses: step-security/harden-runner@2e205a28d0e1da00c5f53b161f4067b052c61f34
      with:
        egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs

--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@ -25,7 +25,7 @@ jobs:
    permissions:
      contents: write
    steps:
-    - uses: step-security/harden-runner@dd2c410b088af7c0dc8046f3ac9a8f4148492a95
+    - uses: step-security/harden-runner@2e205a28d0e1da00c5f53b161f4067b052c61f34
      with:
        allowed-endpoints: 
          api.github.com:443