From 4a49d69afea08c92194f44681bd1d6c0ff072b99 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 17 Nov 2023 05:06:36 +0000 Subject: [PATCH] Bump step-security/harden-runner from 2.5.1 to 2.6.1 Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.5.1 to 2.6.1. - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](https://github.com/step-security/harden-runner/compare/8ca2b8b2ece13480cda6dacd3511b49857a23c09...eb238b55efaa70779f274895e782ed17c84f2895) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/audit-dev.yml | 2 +- .github/workflows/audit-release.yml | 4 ++-- .github/workflows/checks.yml | 32 ++++++++++++++-------------- .github/workflows/config-codecov.yml | 2 +- .github/workflows/config-npm.yml | 2 +- .github/workflows/labeler.yml | 2 +- .github/workflows/nightly.yml | 4 ++-- .github/workflows/publish.yml | 8 +++---- .github/workflows/release.yml | 2 +- .github/workflows/reusable-fuzz.yml | 2 +- .github/workflows/secrets.yml | 2 +- 11 files changed, 31 insertions(+), 31 deletions(-) diff --git a/.github/workflows/audit-dev.yml b/.github/workflows/audit-dev.yml index 7277b51a4..5fc1afefc 100644 --- a/.github/workflows/audit-dev.yml +++ b/.github/workflows/audit-dev.yml @@ -21,7 +21,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Harden runner - uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 + uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 with: disable-sudo: true egress-policy: block diff --git a/.github/workflows/audit-release.yml b/.github/workflows/audit-release.yml index d2123a9ef..ebeab2799 100644 --- a/.github/workflows/audit-release.yml +++ b/.github/workflows/audit-release.yml @@ -12,7 +12,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Harden runner - uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 + uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 with: disable-sudo: true egress-policy: block @@ -44,7 +44,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Harden runner - uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 + uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 with: disable-sudo: true egress-policy: block diff --git a/.github/workflows/checks.yml b/.github/workflows/checks.yml index 64e3ca457..1ccf394b5 100644 --- a/.github/workflows/checks.yml +++ b/.github/workflows/checks.yml @@ -16,7 +16,7 @@ jobs: security-events: write # To upload CodeQL results steps: - name: Harden runner - uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 + uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 with: disable-sudo: true egress-policy: block @@ -42,7 +42,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Harden runner - uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 + uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 with: disable-sudo: true egress-policy: block @@ -71,7 +71,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Harden runner - uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 + uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 with: disable-sudo: true egress-policy: block @@ -100,7 +100,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Harden runner - uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 + uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 with: disable-sudo: true egress-policy: block @@ -149,7 +149,7 @@ jobs: security-events: write # To upload SARIF results steps: - name: Harden runner - uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 + uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 with: disable-sudo: true egress-policy: block @@ -180,7 +180,7 @@ jobs: - transpile steps: - name: Harden runner - uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 + uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 with: disable-sudo: true egress-policy: block @@ -219,7 +219,7 @@ jobs: - test-integration steps: - name: Harden runner - uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 + uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 with: disable-sudo: true egress-policy: block @@ -260,7 +260,7 @@ jobs: - 20.0.0 steps: - name: Harden runner - uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 + uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 with: disable-sudo: true egress-policy: block @@ -307,7 +307,7 @@ jobs: os: windows-2022 steps: - name: Harden runner - uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 + uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 with: disable-sudo: false egress-policy: block @@ -365,7 +365,7 @@ jobs: os: windows-2022 steps: - name: Harden runner - uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 + uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 with: disable-sudo: false egress-policy: block @@ -412,7 +412,7 @@ jobs: - test-unit steps: - name: Harden runner - uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 + uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 with: disable-sudo: true egress-policy: block @@ -458,7 +458,7 @@ jobs: - test-integration steps: - name: Harden runner - uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 + uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 with: disable-sudo: false egress-policy: block @@ -507,7 +507,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Harden runner - uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 + uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 with: disable-sudo: true egress-policy: block @@ -545,7 +545,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Harden runner - uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 + uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 with: disable-sudo: true egress-policy: block @@ -582,7 +582,7 @@ jobs: security-events: write # To upload SARIF results steps: - name: Harden runner - uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 + uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 with: disable-sudo: true egress-policy: block @@ -616,7 +616,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Harden runner - uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 + uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 with: disable-sudo: true egress-policy: block diff --git a/.github/workflows/config-codecov.yml b/.github/workflows/config-codecov.yml index ee1e46eb1..47a1a0671 100644 --- a/.github/workflows/config-codecov.yml +++ b/.github/workflows/config-codecov.yml @@ -20,7 +20,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Harden runner - uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 + uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 with: disable-sudo: true egress-policy: block diff --git a/.github/workflows/config-npm.yml b/.github/workflows/config-npm.yml index 3bf116031..f0aecf000 100644 --- a/.github/workflows/config-npm.yml +++ b/.github/workflows/config-npm.yml @@ -20,7 +20,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Harden runner - uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 + uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 with: disable-sudo: true egress-policy: block diff --git a/.github/workflows/labeler.yml b/.github/workflows/labeler.yml index 63fae9950..92943b9a7 100644 --- a/.github/workflows/labeler.yml +++ b/.github/workflows/labeler.yml @@ -12,7 +12,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Harden runner - uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 + uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 with: disable-sudo: true egress-policy: block diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml index 854e359da..d31dabcf0 100644 --- a/.github/workflows/nightly.yml +++ b/.github/workflows/nightly.yml @@ -22,7 +22,7 @@ jobs: os: windows-2022 steps: - name: Harden runner - uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 + uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 with: disable-sudo: false egress-policy: block @@ -70,7 +70,7 @@ jobs: pull-requests: write # To open a Pull Request steps: - name: Harden runner - uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 + uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 with: disable-sudo: true egress-policy: block diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index c6a3babe2..39019159f 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -17,7 +17,7 @@ jobs: version: ${{ steps.version.outputs.version }} steps: - name: Harden runner - uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 + uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 with: disable-sudo: true egress-policy: block @@ -66,7 +66,7 @@ jobs: contents: write # To push a ref steps: - name: Harden runner - uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 + uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 with: disable-sudo: true egress-policy: block @@ -110,7 +110,7 @@ jobs: contents: write # To create a GitHub Release steps: - name: Harden runner - uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 + uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 with: disable-sudo: true egress-policy: block @@ -139,7 +139,7 @@ jobs: - check steps: - name: Harden runner - uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 + uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 with: disable-sudo: true egress-policy: block diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index dc93d6195..099b347d9 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -22,7 +22,7 @@ jobs: pull-requests: write # To open a Pull Request steps: - name: Harden runner - uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 + uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 with: disable-sudo: true egress-policy: block diff --git a/.github/workflows/reusable-fuzz.yml b/.github/workflows/reusable-fuzz.yml index 1c872ce85..129715eeb 100644 --- a/.github/workflows/reusable-fuzz.yml +++ b/.github/workflows/reusable-fuzz.yml @@ -28,7 +28,7 @@ jobs: target: ${{ fromJson(inputs.targets) }} steps: - name: Harden runner - uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 + uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 with: egress-policy: block allowed-endpoints: > diff --git a/.github/workflows/secrets.yml b/.github/workflows/secrets.yml index de481601a..2c2184df0 100644 --- a/.github/workflows/secrets.yml +++ b/.github/workflows/secrets.yml @@ -17,7 +17,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Harden runner - uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 + uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 with: disable-sudo: true egress-policy: block