From a7314012f79f2c03fa760ddcff0dc104dcabf3be Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 16 Mar 2023 08:37:40 +0100 Subject: [PATCH] chore(deps): bump step-security/harden-runner from 2.2.0 to 2.2.1 (#76) Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.2.0 to 2.2.1. - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](https://github.com/step-security/harden-runner/compare/v2.2.0...1f99358870fe1c846a3ccba386cc2b2246836776) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/codeql-analysis.yml | 2 +- .github/workflows/docker.yml | 2 +- .github/workflows/go.yml | 8 ++++---- .github/workflows/security.yml | 2 +- 4 files changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 20a33dae..eec8ac32 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -24,7 +24,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@c8454efe5d0bdefd25384362fe217428ca277d57 # v2.2.0 + uses: step-security/harden-runner@1f99358870fe1c846a3ccba386cc2b2246836776 # v2.2.1 with: disable-sudo: true egress-policy: block diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index 2c469364..474cb64e 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -18,7 +18,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: step-security/harden-runner@v2.2.0 + uses: step-security/harden-runner@1f99358870fe1c846a3ccba386cc2b2246836776 with: egress-policy: audit disable-telemetry: true diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml index 523e521d..6421af32 100644 --- a/.github/workflows/go.yml +++ b/.github/workflows/go.yml @@ -32,7 +32,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: step-security/harden-runner@v2.2.0 + uses: step-security/harden-runner@1f99358870fe1c846a3ccba386cc2b2246836776 with: disable-sudo: true disable-telemetry: true @@ -77,7 +77,7 @@ jobs: needs: [golangci-lint, go-mod] steps: - - uses: step-security/harden-runner@v2.2.0 + uses: step-security/harden-runner@1f99358870fe1c846a3ccba386cc2b2246836776 with: disable-sudo: true disable-telemetry: true @@ -125,7 +125,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: step-security/harden-runner@v2.2.0 + uses: step-security/harden-runner@1f99358870fe1c846a3ccba386cc2b2246836776 with: disable-sudo: true disable-telemetry: true @@ -162,7 +162,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: step-security/harden-runner@v2.2.0 + uses: step-security/harden-runner@1f99358870fe1c846a3ccba386cc2b2246836776 with: disable-sudo: true disable-telemetry: true diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml index 39a7a1fe..03389c9f 100644 --- a/.github/workflows/security.yml +++ b/.github/workflows/security.yml @@ -30,7 +30,7 @@ jobs: if: (github.actor != 'dependabot[bot]') steps: - - uses: step-security/harden-runner@v2.2.0 + uses: step-security/harden-runner@1f99358870fe1c846a3ccba386cc2b2246836776 with: disable-sudo: true disable-telemetry: true