step-security/harden-runner
1
0
Fork 0
mirror of https://github.com/step-security/harden-runner.git synced 2026-06-06 13:47:06 +00:00
Code Issues Projects Releases Packages Wiki Activity

Compare commits

merge into: step-security:main
Branches Tags
step-security:main
step-security:update-agent-v1.8.7
step-security:update-agent-v1.8.6
step-security:fix/use-policy-store-default-audit
step-security:update-agent-v1.8.5
step-security:update-agent-v1.8.4
step-security:update-agent-v1.8.3
step-security:pr/660-refactor
step-security:rc-40
step-security:feature/deploy-on-self-hosted-vm
step-security:feature/policy-store
step-security:rc-39
step-security:rc-38
step-security:rc-37
step-security:rc-36
step-security:self-hosted
step-security:rc-35
step-security:rc-33
step-security:rc-34
step-security:dependabot/npm_and_yarn/fast-xml-parser-5.3.4
step-security:macos
step-security:rc-32
step-security:rc-31
step-security:windows
step-security:rc-30
step-security:dependabot/github_actions/github/codeql-action-4.31.9
step-security:ubicloud
step-security:dependabot/github_actions/codecov/codecov-action-5.5.2
step-security:feature/custom-property-skip
step-security:rc-29
step-security:dependabot/github_actions/step-security/publish-unit-test-result-action-2.21.1
step-security:dependabot/github_actions/actions/checkout-6
step-security:dependabot/npm_and_yarn/js-yaml-3.14.2
step-security:dependabot/github_actions/actions/dependency-review-action-4.8.2
step-security:rc-28
step-security:varunsh-coder-patch-4
step-security:dependabot/github_actions/ossf/scorecard-action-2.4.3
step-security:rc-27
step-security:rc-26
step-security:chore/GHA-101846-stepsecurity-remediation
step-security:dependabot/npm_and_yarn/form-data-2.5.5
step-security:rc-25
step-security:rc-24
step-security:rc-23
step-security:rc-22
step-security:dependabot/npm_and_yarn/brace-expansion-1.1.12
step-security:rc-21
step-security:chore/GHA-051524-stepsecurity-remediation
step-security:arc-fix
step-security:rc-20-int
step-security:rc-20
step-security:chore/GHA-171216-stepsecurity-remediation
step-security:rc-20-oss-int
step-security:cirrus-test
step-security:dependabot/npm_and_yarn/multi-d2cde0b322
step-security:rc-19
step-security:stepsecurity_remediation_1742901347
step-security:fix/security/GHSA-968p-4wvh-cqc8
step-security:update-readme-2
step-security:update-readme
step-security:varunsh-coder-patch-2
step-security:varunsh-coder-patch-3
step-security:stepsecurity_remediation_1740534601
step-security:dependabot/npm_and_yarn/multi-0f30d60bd3
step-security:dependabot/npm_and_yarn/multi-939339bafa
step-security:dependabot/github_actions/step-security/harden-runner-2.10.0
step-security:rc-18
step-security:fix-enobufs
step-security:rc-17
step-security:rc-16
step-security:rc-15
step-security:rc-14
step-security:dependabot/github_actions/actions/upload-artifact-4.4.0
step-security:varunsh-coder-patch-1
step-security:int-sh
step-security:rc-12
step-security:rc-10
step-security:dependabot/npm_and_yarn/braces-3.0.3
step-security:int
step-security:rc-9
step-security:rc-8
step-security:node-20
step-security:debug-perf-issue
step-security:fix-cache
step-security:markdown
step-security:update-packages
step-security:policy-preview
step-security:rc
step-security:v2.19.4
step-security:v2
step-security:v2.19.3
step-security:v2.19.2
step-security:v2.19.1
step-security:v2.19.0
step-security:v2.18.0
step-security:v2.17.0
step-security:v2.16.1
step-security:v2.16.0
step-security:v2.15.1
step-security:v2.15.0
step-security:v2.14.2
step-security:v2.14.1
step-security:v2.14.0
step-security:v2.13.3
step-security:v2.13.2
step-security:v2.13.1
step-security:v2.13.0
step-security:v2.12.2
step-security:v2.12.1
step-security:v2.12.0
step-security:v2.11.1
step-security:v2.11.0
step-security:v2.10.4
step-security:v2.10.3
step-security:v2.10.2
step-security:v2.10.1
step-security:v2.10.0
step-security:v2.9.1
step-security:v2.9.0
step-security:v2.8.1
step-security:v2.8.0
step-security:v2.7.1
step-security:v2.7.0
step-security:v2.6.1
step-security:v2.6.0
step-security:v2.5.1
step-security:v2.5.0
step-security:v2.4.1
step-security:v2.4.0
step-security:v2.3.1
step-security:v2.3.0
step-security:v2.2.1
step-security:v2.2.0
step-security:v2.1.0
step-security:v2.0.0
step-security:v1
step-security:v1.5.0
step-security:v1.4.5
step-security:v1.4.4
step-security:v1.4.3
step-security:v1.4.2
step-security:v1.4.1
step-security:v1.4.0
step-security:v1.3.0
step-security:v1.2.0
step-security:v1.1.0
step-security:v1.0.4
step-security:v1.0.3
step-security:v1.0.2
step-security:v1.0.1
step-security:v1.0.0
step-security:v0.4.0
step-security:v0.3.0
step-security:v0.2.0
step-security:v0.1.1
step-security:v0.1.0
...
pull from: step-security:dependabot/github_actions/actions/checkout-6
Branches Tags
step-security:update-agent-v1.8.7
step-security:main
step-security:update-agent-v1.8.6
step-security:fix/use-policy-store-default-audit
step-security:update-agent-v1.8.5
step-security:update-agent-v1.8.4
step-security:update-agent-v1.8.3
step-security:pr/660-refactor
step-security:rc-40
step-security:feature/deploy-on-self-hosted-vm
step-security:feature/policy-store
step-security:rc-39
step-security:rc-38
step-security:rc-37
step-security:rc-36
step-security:self-hosted
step-security:rc-35
step-security:rc-33
step-security:rc-34
step-security:dependabot/npm_and_yarn/fast-xml-parser-5.3.4
step-security:macos
step-security:rc-32
step-security:rc-31
step-security:windows
step-security:rc-30
step-security:dependabot/github_actions/github/codeql-action-4.31.9
step-security:ubicloud
step-security:dependabot/github_actions/codecov/codecov-action-5.5.2
step-security:feature/custom-property-skip
step-security:rc-29
step-security:dependabot/github_actions/step-security/publish-unit-test-result-action-2.21.1
step-security:dependabot/github_actions/actions/checkout-6
step-security:dependabot/npm_and_yarn/js-yaml-3.14.2
step-security:dependabot/github_actions/actions/dependency-review-action-4.8.2
step-security:rc-28
step-security:varunsh-coder-patch-4
step-security:dependabot/github_actions/ossf/scorecard-action-2.4.3
step-security:rc-27
step-security:rc-26
step-security:chore/GHA-101846-stepsecurity-remediation
step-security:dependabot/npm_and_yarn/form-data-2.5.5
step-security:rc-25
step-security:rc-24
step-security:rc-23
step-security:rc-22
step-security:dependabot/npm_and_yarn/brace-expansion-1.1.12
step-security:rc-21
step-security:chore/GHA-051524-stepsecurity-remediation
step-security:arc-fix
step-security:rc-20-int
step-security:rc-20
step-security:chore/GHA-171216-stepsecurity-remediation
step-security:rc-20-oss-int
step-security:cirrus-test
step-security:dependabot/npm_and_yarn/multi-d2cde0b322
step-security:rc-19
step-security:stepsecurity_remediation_1742901347
step-security:fix/security/GHSA-968p-4wvh-cqc8
step-security:update-readme-2
step-security:update-readme
step-security:varunsh-coder-patch-2
step-security:varunsh-coder-patch-3
step-security:stepsecurity_remediation_1740534601
step-security:dependabot/npm_and_yarn/multi-0f30d60bd3
step-security:dependabot/npm_and_yarn/multi-939339bafa
step-security:dependabot/github_actions/step-security/harden-runner-2.10.0
step-security:rc-18
step-security:fix-enobufs
step-security:rc-17
step-security:rc-16
step-security:rc-15
step-security:rc-14
step-security:dependabot/github_actions/actions/upload-artifact-4.4.0
step-security:varunsh-coder-patch-1
step-security:int-sh
step-security:rc-12
step-security:rc-10
step-security:dependabot/npm_and_yarn/braces-3.0.3
step-security:int
step-security:rc-9
step-security:rc-8
step-security:node-20
step-security:debug-perf-issue
step-security:fix-cache
step-security:markdown
step-security:update-packages
step-security:policy-preview
step-security:rc
step-security:v2.19.4
step-security:v2
step-security:v2.19.3
step-security:v2.19.2
step-security:v2.19.1
step-security:v2.19.0
step-security:v2.18.0
step-security:v2.17.0
step-security:v2.16.1
step-security:v2.16.0
step-security:v2.15.1
step-security:v2.15.0
step-security:v2.14.2
step-security:v2.14.1
step-security:v2.14.0
step-security:v2.13.3
step-security:v2.13.2
step-security:v2.13.1
step-security:v2.13.0
step-security:v2.12.2
step-security:v2.12.1
step-security:v2.12.0
step-security:v2.11.1
step-security:v2.11.0
step-security:v2.10.4
step-security:v2.10.3
step-security:v2.10.2
step-security:v2.10.1
step-security:v2.10.0
step-security:v2.9.1
step-security:v2.9.0
step-security:v2.8.1
step-security:v2.8.0
step-security:v2.7.1
step-security:v2.7.0
step-security:v2.6.1
step-security:v2.6.0
step-security:v2.5.1
step-security:v2.5.0
step-security:v2.4.1
step-security:v2.4.0
step-security:v2.3.1
step-security:v2.3.0
step-security:v2.2.1
step-security:v2.2.0
step-security:v2.1.0
step-security:v2.0.0
step-security:v1
step-security:v1.5.0
step-security:v1.4.5
step-security:v1.4.4
step-security:v1.4.3
step-security:v1.4.2
step-security:v1.4.1
step-security:v1.4.0
step-security:v1.3.0
step-security:v1.2.0
step-security:v1.1.0
step-security:v1.0.4
step-security:v1.0.3
step-security:v1.0.2
step-security:v1.0.1
step-security:v1.0.0
step-security:v0.4.0
step-security:v0.3.0
step-security:v0.2.0
step-security:v0.1.1
step-security:v0.1.0

1 commit
main ... dependabot

Author SHA1 Message Date
dependabot[bot]
dd44506bd6
 		Bump actions/checkout from 3 to 6 
Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 6.
- [Release notes](https://github.com/actions/checkout/releases)
- [Commits](https://github.com/actions/checkout/compare/v3...v6)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-20 23:03:45 +00:00
8 changed files with 12 additions and 12 deletions
Download patch file Download diff file Expand all files Collapse all files

2
.github/workflows/canary.yml vendored
View file

@ -29,7 +29,7 @@ jobs:
api.github.com:443
github.com:443
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v2
- uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v2
- name: Update the rc tag
uses: step-security/publish-action@b438f840875fdcb7d1de4fc3d1d30e86cf6acb5d
with:

2
.github/workflows/codeql-analysis.yml vendored
View file

@ -46,7 +46,7 @@ jobs:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
- name: Checkout repository
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3
# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL

2
.github/workflows/dependency-review.yml vendored
View file

@ -22,6 +22,6 @@ jobs:
egress-policy: audit
- name: 'Checkout Repository'
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
- name: 'Dependency Review'
uses: actions/dependency-review-action@0c155c5e8556a497adf53f2c18edabf945ed8e70 # v4.3.2

2
.github/workflows/publish-immutable-actions.yml vendored
View file

@ -22,7 +22,7 @@ jobs:
egress-policy: audit
- name: Checking out
uses: actions/checkout@v4
uses: actions/checkout@v6
- name: Publish
id: publish
uses: actions/publish-immutable-action@0.0.4

2
.github/workflows/release.yml vendored
View file

@ -32,7 +32,7 @@ jobs:
api.github.com:443
github.com:443
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
- uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3
- name: Update the rc tag
uses: step-security/publish-action@b438f840875fdcb7d1de4fc3d1d30e86cf6acb5d
with:

8
.github/workflows/runs-on.yml vendored
View file

@ -23,7 +23,7 @@ jobs:
- name: Checkout code
uses: actions/checkout@v3
uses: actions/checkout@v6
- name: Run outbound calls from host
run: |
@ -56,7 +56,7 @@ jobs:
security.ubuntu.com:80
- name: Checkout code
uses: actions/checkout@v3
uses: actions/checkout@v6
- name: Run outbound calls from within Docker container
continue-on-error: true
@ -103,7 +103,7 @@ jobs:
security.ubuntu.com:80
- name: Checkout code
uses: actions/checkout@v3
uses: actions/checkout@v6
- name: Build Docker image and test outbound calls during build
continue-on-error: true
@ -152,7 +152,7 @@ jobs:
- name: Checkout code
uses: actions/checkout@v3
uses: actions/checkout@v6
- name: Run long-running Docker container with outbound calls
continue-on-error: true

2
.github/workflows/scorecards.yml vendored
View file

@ -30,7 +30,7 @@ jobs:
egress-policy: audit
- name: "Checkout code"
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # tag=v3.0.0
uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # tag=v3.0.0
with:
persist-credentials: false

4
.github/workflows/test.yml vendored
View file

@ -32,7 +32,7 @@ jobs:
uploader.codecov.io:443
- name: Checkout
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
- name: Install Dependencies
run: npm ci
- name: Run coverage
@ -58,7 +58,7 @@ jobs:
registry.npmjs.org:443
- name: Checkout
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
- name: Install Dependencies
run: npm ci
- name: Run build