step-security/harden-runner
1
0
Fork 0
mirror of synced 2026-06-05 14:04:04 +00:00
Code Issues Projects Releases Packages Wiki Activity

Compare commits

merge into: step-security:main
Branches Tags
step-security:main
step-security:update-agent-v1.8.7
step-security:update-agent-v1.8.6
step-security:fix/use-policy-store-default-audit
step-security:update-agent-v1.8.5
step-security:update-agent-v1.8.4
step-security:update-agent-v1.8.3
step-security:pr/660-refactor
step-security:rc-40
step-security:feature/deploy-on-self-hosted-vm
step-security:feature/policy-store
step-security:rc-39
step-security:rc-38
step-security:rc-37
step-security:rc-36
step-security:self-hosted
step-security:rc-35
step-security:rc-33
step-security:rc-34
step-security:dependabot/npm_and_yarn/fast-xml-parser-5.3.4
step-security:macos
step-security:rc-32
step-security:rc-31
step-security:windows
step-security:rc-30
step-security:dependabot/github_actions/github/codeql-action-4.31.9
step-security:ubicloud
step-security:dependabot/github_actions/codecov/codecov-action-5.5.2
step-security:feature/custom-property-skip
step-security:rc-29
step-security:dependabot/github_actions/step-security/publish-unit-test-result-action-2.21.1
step-security:dependabot/github_actions/actions/checkout-6
step-security:dependabot/npm_and_yarn/js-yaml-3.14.2
step-security:dependabot/github_actions/actions/dependency-review-action-4.8.2
step-security:rc-28
step-security:varunsh-coder-patch-4
step-security:dependabot/github_actions/ossf/scorecard-action-2.4.3
step-security:rc-27
step-security:rc-26
step-security:chore/GHA-101846-stepsecurity-remediation
step-security:dependabot/npm_and_yarn/form-data-2.5.5
step-security:rc-25
step-security:rc-24
step-security:rc-23
step-security:rc-22
step-security:dependabot/npm_and_yarn/brace-expansion-1.1.12
step-security:rc-21
step-security:chore/GHA-051524-stepsecurity-remediation
step-security:arc-fix
step-security:rc-20-int
step-security:rc-20
step-security:chore/GHA-171216-stepsecurity-remediation
step-security:rc-20-oss-int
step-security:cirrus-test
step-security:dependabot/npm_and_yarn/multi-d2cde0b322
step-security:rc-19
step-security:stepsecurity_remediation_1742901347
step-security:fix/security/GHSA-968p-4wvh-cqc8
step-security:update-readme-2
step-security:update-readme
step-security:varunsh-coder-patch-2
step-security:varunsh-coder-patch-3
step-security:stepsecurity_remediation_1740534601
step-security:dependabot/npm_and_yarn/multi-0f30d60bd3
step-security:dependabot/npm_and_yarn/multi-939339bafa
step-security:dependabot/github_actions/step-security/harden-runner-2.10.0
step-security:rc-18
step-security:fix-enobufs
step-security:rc-17
step-security:rc-16
step-security:rc-15
step-security:rc-14
step-security:dependabot/github_actions/actions/upload-artifact-4.4.0
step-security:varunsh-coder-patch-1
step-security:int-sh
step-security:rc-12
step-security:rc-10
step-security:dependabot/npm_and_yarn/braces-3.0.3
step-security:int
step-security:rc-9
step-security:rc-8
step-security:node-20
step-security:debug-perf-issue
step-security:fix-cache
step-security:markdown
step-security:update-packages
step-security:policy-preview
step-security:rc
step-security:v2.19.4
step-security:v2
step-security:v2.19.3
step-security:v2.19.2
step-security:v2.19.1
step-security:v2.19.0
step-security:v2.18.0
step-security:v2.17.0
step-security:v2.16.1
step-security:v2.16.0
step-security:v2.15.1
step-security:v2.15.0
step-security:v2.14.2
step-security:v2.14.1
step-security:v2.14.0
step-security:v2.13.3
step-security:v2.13.2
step-security:v2.13.1
step-security:v2.13.0
step-security:v2.12.2
step-security:v2.12.1
step-security:v2.12.0
step-security:v2.11.1
step-security:v2.11.0
step-security:v2.10.4
step-security:v2.10.3
step-security:v2.10.2
step-security:v2.10.1
step-security:v2.10.0
step-security:v2.9.1
step-security:v2.9.0
step-security:v2.8.1
step-security:v2.8.0
step-security:v2.7.1
step-security:v2.7.0
step-security:v2.6.1
step-security:v2.6.0
step-security:v2.5.1
step-security:v2.5.0
step-security:v2.4.1
step-security:v2.4.0
step-security:v2.3.1
step-security:v2.3.0
step-security:v2.2.1
step-security:v2.2.0
step-security:v2.1.0
step-security:v2.0.0
step-security:v1
step-security:v1.5.0
step-security:v1.4.5
step-security:v1.4.4
step-security:v1.4.3
step-security:v1.4.2
step-security:v1.4.1
step-security:v1.4.0
step-security:v1.3.0
step-security:v1.2.0
step-security:v1.1.0
step-security:v1.0.4
step-security:v1.0.3
step-security:v1.0.2
step-security:v1.0.1
step-security:v1.0.0
step-security:v0.4.0
step-security:v0.3.0
step-security:v0.2.0
step-security:v0.1.1
step-security:v0.1.0
...
pull from: step-security:dependabot/github_actions/step-security/harden-runner-2.10.0
Branches Tags
step-security:update-agent-v1.8.7
step-security:main
step-security:update-agent-v1.8.6
step-security:fix/use-policy-store-default-audit
step-security:update-agent-v1.8.5
step-security:update-agent-v1.8.4
step-security:update-agent-v1.8.3
step-security:pr/660-refactor
step-security:rc-40
step-security:feature/deploy-on-self-hosted-vm
step-security:feature/policy-store
step-security:rc-39
step-security:rc-38
step-security:rc-37
step-security:rc-36
step-security:self-hosted
step-security:rc-35
step-security:rc-33
step-security:rc-34
step-security:dependabot/npm_and_yarn/fast-xml-parser-5.3.4
step-security:macos
step-security:rc-32
step-security:rc-31
step-security:windows
step-security:rc-30
step-security:dependabot/github_actions/github/codeql-action-4.31.9
step-security:ubicloud
step-security:dependabot/github_actions/codecov/codecov-action-5.5.2
step-security:feature/custom-property-skip
step-security:rc-29
step-security:dependabot/github_actions/step-security/publish-unit-test-result-action-2.21.1
step-security:dependabot/github_actions/actions/checkout-6
step-security:dependabot/npm_and_yarn/js-yaml-3.14.2
step-security:dependabot/github_actions/actions/dependency-review-action-4.8.2
step-security:rc-28
step-security:varunsh-coder-patch-4
step-security:dependabot/github_actions/ossf/scorecard-action-2.4.3
step-security:rc-27
step-security:rc-26
step-security:chore/GHA-101846-stepsecurity-remediation
step-security:dependabot/npm_and_yarn/form-data-2.5.5
step-security:rc-25
step-security:rc-24
step-security:rc-23
step-security:rc-22
step-security:dependabot/npm_and_yarn/brace-expansion-1.1.12
step-security:rc-21
step-security:chore/GHA-051524-stepsecurity-remediation
step-security:arc-fix
step-security:rc-20-int
step-security:rc-20
step-security:chore/GHA-171216-stepsecurity-remediation
step-security:rc-20-oss-int
step-security:cirrus-test
step-security:dependabot/npm_and_yarn/multi-d2cde0b322
step-security:rc-19
step-security:stepsecurity_remediation_1742901347
step-security:fix/security/GHSA-968p-4wvh-cqc8
step-security:update-readme-2
step-security:update-readme
step-security:varunsh-coder-patch-2
step-security:varunsh-coder-patch-3
step-security:stepsecurity_remediation_1740534601
step-security:dependabot/npm_and_yarn/multi-0f30d60bd3
step-security:dependabot/npm_and_yarn/multi-939339bafa
step-security:dependabot/github_actions/step-security/harden-runner-2.10.0
step-security:rc-18
step-security:fix-enobufs
step-security:rc-17
step-security:rc-16
step-security:rc-15
step-security:rc-14
step-security:dependabot/github_actions/actions/upload-artifact-4.4.0
step-security:varunsh-coder-patch-1
step-security:int-sh
step-security:rc-12
step-security:rc-10
step-security:dependabot/npm_and_yarn/braces-3.0.3
step-security:int
step-security:rc-9
step-security:rc-8
step-security:node-20
step-security:debug-perf-issue
step-security:fix-cache
step-security:markdown
step-security:update-packages
step-security:policy-preview
step-security:rc
step-security:v2.19.4
step-security:v2
step-security:v2.19.3
step-security:v2.19.2
step-security:v2.19.1
step-security:v2.19.0
step-security:v2.18.0
step-security:v2.17.0
step-security:v2.16.1
step-security:v2.16.0
step-security:v2.15.1
step-security:v2.15.0
step-security:v2.14.2
step-security:v2.14.1
step-security:v2.14.0
step-security:v2.13.3
step-security:v2.13.2
step-security:v2.13.1
step-security:v2.13.0
step-security:v2.12.2
step-security:v2.12.1
step-security:v2.12.0
step-security:v2.11.1
step-security:v2.11.0
step-security:v2.10.4
step-security:v2.10.3
step-security:v2.10.2
step-security:v2.10.1
step-security:v2.10.0
step-security:v2.9.1
step-security:v2.9.0
step-security:v2.8.1
step-security:v2.8.0
step-security:v2.7.1
step-security:v2.7.0
step-security:v2.6.1
step-security:v2.6.0
step-security:v2.5.1
step-security:v2.5.0
step-security:v2.4.1
step-security:v2.4.0
step-security:v2.3.1
step-security:v2.3.0
step-security:v2.2.1
step-security:v2.2.0
step-security:v2.1.0
step-security:v2.0.0
step-security:v1
step-security:v1.5.0
step-security:v1.4.5
step-security:v1.4.4
step-security:v1.4.3
step-security:v1.4.2
step-security:v1.4.1
step-security:v1.4.0
step-security:v1.3.0
step-security:v1.2.0
step-security:v1.1.0
step-security:v1.0.4
step-security:v1.0.3
step-security:v1.0.2
step-security:v1.0.1
step-security:v1.0.0
step-security:v0.4.0
step-security:v0.3.0
step-security:v0.2.0
step-security:v0.1.1
step-security:v0.1.0

3 commits
main ... dependabot

Author SHA1 Message Date
Varun Sharma
b3f2cfe291
 		Merge branch 'main' into dependabot/github_actions/step-security/harden-runner-2.10.0 2025-02-17 21:03:38 -08:00
Varun Sharma
7e31930fd1
 		Merge branch 'main' into dependabot/github_actions/step-security/harden-runner-2.10.0 2024-09-10 19:11:15 -07:00
dependabot[bot]
7254ee0f3a
 		Bump step-security/harden-runner from 2.9.1 to 2.10.0 
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.9.1 to 2.10.0.
- [Release notes](https://github.com/step-security/harden-runner/releases)
- [Commits](5c7944e73c...446798f821)

---
updated-dependencies:
- dependency-name: step-security/harden-runner
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-09-10 23:27:21 +00:00
8 changed files with 9 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

2
.github/workflows/canary.yml vendored
View file

@ -22,7 +22,7 @@ jobs:
permissions:
contents: write
steps:
- uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v1
- uses: step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858 # v1
with:
egress-policy: audit
allowed-endpoints:

2
.github/workflows/code-review.yml vendored
View file

@ -11,7 +11,7 @@ jobs:
pull-requests: read
steps:
- name: Harden Runner
uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
uses: step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858 # v2.10.0
with:
disable-sudo: true
egress-policy: block

2
.github/workflows/codeql-analysis.yml vendored
View file

@ -41,7 +41,7 @@ jobs:
steps:
- name: Harden Runner
uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde
uses: step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs

2
.github/workflows/dependency-review.yml vendored
View file

@ -17,7 +17,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
uses: step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858 # v2.10.0
with:
egress-policy: audit

4
.github/workflows/recurring-int-tests.yml vendored
View file

@ -13,7 +13,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde
uses: step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
@ -28,7 +28,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde
uses: step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs

2
.github/workflows/release.yml vendored
View file

@ -25,7 +25,7 @@ jobs:
permissions:
contents: write
steps:
- uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde
- uses: step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858
with:
egress-policy: audit
allowed-endpoints:

2
.github/workflows/scorecards.yml vendored
View file

@ -25,7 +25,7 @@ jobs:
steps:
- name: Harden Runner
uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
uses: step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858 # v2.10.0
with:
egress-policy: audit

2
.github/workflows/test.yml vendored
View file

@ -19,7 +19,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
uses: step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858 # v2.10.0
with:
disable-sudo: true
egress-policy: audit