From 11cd3cba7edaf79b3b0592e2300d248011878734 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 11 Apr 2024 10:19:32 +0200 Subject: [PATCH] chore(deps): bump step-security/harden-runner from 2.6.1 to 2.7.0 (#488) Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.6.1 to 2.7.0. - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](https://github.com/step-security/harden-runner/compare/eb238b55efaa70779f274895e782ed17c84f2895...63c24ba6bd7ba022e95695ff85de572c04a18142) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/codeql-analysis.yml | 2 +- .github/workflows/dependency-review.yml | 2 +- .github/workflows/docker.yml | 2 +- .github/workflows/go.yml | 12 ++++++------ .github/workflows/releaser.yml | 2 +- .github/workflows/scorecard.yml | 2 +- .github/workflows/security.yml | 2 +- 7 files changed, 12 insertions(+), 12 deletions(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index dc481d08..27975bb5 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -27,7 +27,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 with: disable-sudo: true egress-policy: block diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index ded48465..a66a605c 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -17,7 +17,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 with: egress-policy: audit diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index 1e0430e3..159efb21 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -20,7 +20,7 @@ jobs: packages: write steps: - - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 + uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 with: egress-policy: audit disable-telemetry: true diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml index 93402cb8..0a16467f 100644 --- a/.github/workflows/go.yml +++ b/.github/workflows/go.yml @@ -33,7 +33,7 @@ jobs: actions: write steps: - - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 + uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 with: disable-sudo: true disable-telemetry: true @@ -80,7 +80,7 @@ jobs: needs: [go-mod, golangci-lint] steps: - - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 + uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 with: disable-sudo: true disable-telemetry: true @@ -130,7 +130,7 @@ jobs: actions: write steps: - - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 + uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 with: disable-sudo: true disable-telemetry: true @@ -171,7 +171,7 @@ jobs: actions: write steps: - - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 + uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 with: disable-sudo: true disable-telemetry: true @@ -221,7 +221,7 @@ jobs: actions: write steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 with: egress-policy: audit @@ -266,7 +266,7 @@ jobs: actions: write steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 with: egress-policy: audit diff --git a/.github/workflows/releaser.yml b/.github/workflows/releaser.yml index b460d546..b93596ae 100644 --- a/.github/workflows/releaser.yml +++ b/.github/workflows/releaser.yml @@ -20,7 +20,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 with: egress-policy: audit diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 49293e78..9ef34740 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -33,7 +33,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 with: egress-policy: audit diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml index ded17e58..b7207206 100644 --- a/.github/workflows/security.yml +++ b/.github/workflows/security.yml @@ -30,7 +30,7 @@ jobs: if: (github.actor != 'dependabot[bot]') steps: - - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 + uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 with: disable-sudo: true disable-telemetry: true