From fe5fb9afb78ebcb818df7abc82f3113d6533f605 Mon Sep 17 00:00:00 2001
From: Varun Sharma <varunsh@stepsecurity.io>
Date: Tue, 14 Dec 2021 11:07:52 -0800
Subject: [PATCH] Use 0.4.1 version

Uses SHA256 to verify tools
---
 package.json | 2 +-
 src/setup.ts | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/package.json b/package.json
index 23534d1..a96eb7a 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
     "name": "step-security-harden-runner",
-    "version": "1.0.0",
+    "version": "1.0.1",
     "description": "GitHub Actions Runtime Security",
     "main": "index.js",
     "scripts": {
diff --git a/src/setup.ts b/src/setup.ts
index 8178207..55fa8f8 100644
--- a/src/setup.ts
+++ b/src/setup.ts
@@ -49,7 +49,7 @@ import * as tc from "@actions/tool-cache";
     cp.execSync("sudo chown -R $USER /home/agent");
 
     const downloadPath: string = await tc.downloadTool(
-      "https://github.com/step-security/agent/releases/download/v0.4.0/agent_0.4.0_linux_amd64.tar.gz"
+      "https://github.com/step-security/agent/releases/download/v0.4.1/agent_0.4.1_linux_amd64.tar.gz"
     );
     const extractPath = await tc.extractTar(downloadPath);