From ef5e932006a5dc655da17148f621872f2b1ba21f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 14 Mar 2023 00:01:16 +0000 Subject: [PATCH] Bump step-security/harden-runner from 2.2.0 to 2.2.1 Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.2.0 to 2.2.1. - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](https://github.com/step-security/harden-runner/compare/c8454efe5d0bdefd25384362fe217428ca277d57...1f99358870fe1c846a3ccba386cc2b2246836776) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- .github/workflows/canary.yml | 2 +- .github/workflows/codeql-analysis.yml | 2 +- .github/workflows/recurring-int-tests.yml | 2 +- .github/workflows/release.yml | 2 +- .github/workflows/test.yml | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/canary.yml b/.github/workflows/canary.yml index 36293bc..cd4493c 100644 --- a/.github/workflows/canary.yml +++ b/.github/workflows/canary.yml @@ -22,7 +22,7 @@ jobs: permissions: contents: write steps: - - uses: step-security/harden-runner@c8454efe5d0bdefd25384362fe217428ca277d57 # v1 + - uses: step-security/harden-runner@1f99358870fe1c846a3ccba386cc2b2246836776 # v1 with: allowed-endpoints: api.github.com:443 diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 63df2fd..92029aa 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -41,7 +41,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@c8454efe5d0bdefd25384362fe217428ca277d57 + uses: step-security/harden-runner@1f99358870fe1c846a3ccba386cc2b2246836776 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs diff --git a/.github/workflows/recurring-int-tests.yml b/.github/workflows/recurring-int-tests.yml index 30df686..a3d3550 100644 --- a/.github/workflows/recurring-int-tests.yml +++ b/.github/workflows/recurring-int-tests.yml @@ -13,7 +13,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@c8454efe5d0bdefd25384362fe217428ca277d57 + uses: step-security/harden-runner@1f99358870fe1c846a3ccba386cc2b2246836776 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 08f069f..ac83a30 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -25,7 +25,7 @@ jobs: permissions: contents: write steps: - - uses: step-security/harden-runner@c8454efe5d0bdefd25384362fe217428ca277d57 + - uses: step-security/harden-runner@1f99358870fe1c846a3ccba386cc2b2246836776 with: allowed-endpoints: api.github.com:443 diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index d063596..2366354 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@c8454efe5d0bdefd25384362fe217428ca277d57 # v2.2.0 + uses: step-security/harden-runner@1f99358870fe1c846a3ccba386cc2b2246836776 # v2.2.1 with: disable-sudo: true egress-policy: block