Merge pull request #327 from step-security/dependabot/github_actions/step-security/harden-runner-2.5.0
Bump step-security/harden-runner from 2.4.1 to 2.5.0
This commit is contained in:
Varun Sharma
GitHub
commit
97689868c8
8 changed files with 8 additions and 8 deletions
2
.github/workflows/canary.yml
vendored
2
.github/workflows/canary.yml
vendored
|
|
@ -22,7 +22,7 @@ jobs:
|
|||
permissions:
|
||||
contents: write
|
||||
steps:
|
||||
- uses: step-security/harden-runner@55d479fb1c5bcad5a4f9099a5d9f37c8857b2845 # v1
|
||||
- uses: step-security/harden-runner@cba0d00b1fc9a034e1e642ea0f1103c282990604 # v1
|
||||
with:
|
||||
allowed-endpoints:
|
||||
api.github.com:443
|
||||
|
|
|
|||
2
.github/workflows/code-review.yml
vendored
2
.github/workflows/code-review.yml
vendored
|
|
@ -11,7 +11,7 @@ jobs:
|
|||
pull-requests: read
|
||||
steps:
|
||||
- name: Harden Runner
|
||||
uses: step-security/harden-runner@55d479fb1c5bcad5a4f9099a5d9f37c8857b2845 # v2.4.1
|
||||
uses: step-security/harden-runner@cba0d00b1fc9a034e1e642ea0f1103c282990604 # v2.5.0
|
||||
with:
|
||||
disable-sudo: true
|
||||
egress-policy: block
|
||||
|
|
|
|||
2
.github/workflows/codeql-analysis.yml
vendored
2
.github/workflows/codeql-analysis.yml
vendored
|
|
@ -41,7 +41,7 @@ jobs:
|
|||
|
||||
steps:
|
||||
- name: Harden Runner
|
||||
uses: step-security/harden-runner@55d479fb1c5bcad5a4f9099a5d9f37c8857b2845
|
||||
uses: step-security/harden-runner@cba0d00b1fc9a034e1e642ea0f1103c282990604
|
||||
with:
|
||||
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
|
||||
|
||||
|
|
|
|||
2
.github/workflows/dependency-review.yml
vendored
2
.github/workflows/dependency-review.yml
vendored
|
|
@ -17,7 +17,7 @@ jobs:
|
|||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Harden Runner
|
||||
uses: step-security/harden-runner@55d479fb1c5bcad5a4f9099a5d9f37c8857b2845 # v2.4.1
|
||||
uses: step-security/harden-runner@cba0d00b1fc9a034e1e642ea0f1103c282990604 # v2.5.0
|
||||
with:
|
||||
egress-policy: audit
|
||||
|
||||
|
|
|
|||
2
.github/workflows/recurring-int-tests.yml
vendored
2
.github/workflows/recurring-int-tests.yml
vendored
|
|
@ -13,7 +13,7 @@ jobs:
|
|||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Harden Runner
|
||||
uses: step-security/harden-runner@55d479fb1c5bcad5a4f9099a5d9f37c8857b2845
|
||||
uses: step-security/harden-runner@cba0d00b1fc9a034e1e642ea0f1103c282990604
|
||||
with:
|
||||
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
|
||||
|
||||
|
|
|
|||
2
.github/workflows/release.yml
vendored
2
.github/workflows/release.yml
vendored
|
|
@ -25,7 +25,7 @@ jobs:
|
|||
permissions:
|
||||
contents: write
|
||||
steps:
|
||||
- uses: step-security/harden-runner@55d479fb1c5bcad5a4f9099a5d9f37c8857b2845
|
||||
- uses: step-security/harden-runner@cba0d00b1fc9a034e1e642ea0f1103c282990604
|
||||
with:
|
||||
allowed-endpoints:
|
||||
api.github.com:443
|
||||
|
|
|
|||
2
.github/workflows/scorecards.yml
vendored
2
.github/workflows/scorecards.yml
vendored
|
|
@ -25,7 +25,7 @@ jobs:
|
|||
|
||||
steps:
|
||||
- name: Harden Runner
|
||||
uses: step-security/harden-runner@55d479fb1c5bcad5a4f9099a5d9f37c8857b2845 # v2.4.1
|
||||
uses: step-security/harden-runner@cba0d00b1fc9a034e1e642ea0f1103c282990604 # v2.5.0
|
||||
with:
|
||||
egress-policy: audit
|
||||
|
||||
|
|
|
|||
2
.github/workflows/test.yml
vendored
2
.github/workflows/test.yml
vendored
|
|
@ -16,7 +16,7 @@ jobs:
|
|||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Harden Runner
|
||||
uses: step-security/harden-runner@55d479fb1c5bcad5a4f9099a5d9f37c8857b2845 # v2.4.1
|
||||
uses: step-security/harden-runner@cba0d00b1fc9a034e1e642ea0f1103c282990604 # v2.5.0
|
||||
with:
|
||||
disable-sudo: true
|
||||
egress-policy: block
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue