From e4e53cef65c8c2a15bb8c493d1c5a982c4c29a3a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 11 Sep 2024 04:25:05 +0000 Subject: [PATCH] chore(deps): bump step-security/harden-runner from 2.9.1 to 2.10.0 Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.9.1 to 2.10.0. - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](https://github.com/step-security/harden-runner/compare/5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde...446798f8213ac2e75931c1b0769676d927801858) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/check.yml | 4 ++-- .github/workflows/dependency-review.yml | 2 +- .github/workflows/safety.yml | 4 ++-- .github/workflows/scheduled.yml | 4 ++-- .github/workflows/scorecards.yml | 2 +- .github/workflows/test.yml | 6 +++--- 6 files changed, 11 insertions(+), 11 deletions(-) diff --git a/.github/workflows/check.yml b/.github/workflows/check.yml index 4efa4ad6..be9cd07c 100644 --- a/.github/workflows/check.yml +++ b/.github/workflows/check.yml @@ -27,7 +27,7 @@ jobs: contents: write steps: - name: Harden Runner - uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 + uses: step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858 # v2.10.0 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -51,7 +51,7 @@ jobs: fail-fast: false steps: - name: Harden Runner - uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 + uses: step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858 # v2.10.0 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index 34fa9221..9aabfe4f 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -17,7 +17,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 + uses: step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858 # v2.10.0 with: disable-sudo: true egress-policy: block diff --git a/.github/workflows/safety.yml b/.github/workflows/safety.yml index 3ca49ff7..3a4c1a94 100644 --- a/.github/workflows/safety.yml +++ b/.github/workflows/safety.yml @@ -10,7 +10,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 + uses: step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858 # v2.10.0 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -48,7 +48,7 @@ jobs: fail-fast: false steps: - name: Harden Runner - uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 + uses: step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858 # v2.10.0 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs diff --git a/.github/workflows/scheduled.yml b/.github/workflows/scheduled.yml index 28b93281..e74347d8 100644 --- a/.github/workflows/scheduled.yml +++ b/.github/workflows/scheduled.yml @@ -14,7 +14,7 @@ jobs: name: ubuntu / nightly steps: - name: Harden Runner - uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 + uses: step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858 # v2.10.0 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -42,7 +42,7 @@ jobs: # if: hashFiles('Cargo.lock') != '' steps: - name: Harden Runner - uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 + uses: step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858 # v2.10.0 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index 2e80d8cb..20991eb4 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -31,7 +31,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 + uses: step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858 # v2.10.0 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 19330676..63878cf6 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -21,7 +21,7 @@ jobs: name: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 + uses: step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858 # v2.10.0 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -52,7 +52,7 @@ jobs: os: [macos-latest, windows-latest] steps: - name: Harden Runner - uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 + uses: step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858 # v2.10.0 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -77,7 +77,7 @@ jobs: name: coverage steps: - name: Harden Runner - uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 + uses: step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858 # v2.10.0 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs