Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: step-security/harden-runner
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: v2.0.0
Choose a base ref
...
head repository: step-security/harden-runner
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: v2.1.0
Choose a head ref
  • 20 commits
  • 21 files changed
  • 2 contributors

Commits on Nov 7, 2022

  1. Bump github/codeql-action from 2.1.29 to 2.1.31 

    Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.1.29 to 2.1.31.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@ec3cf9c...c3b6fce)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
    @dependabot
    dependabot[bot] authored Nov 7, 2022
    Configuration menu
    Copy the full SHA
    aca403b View commit details
    Browse the repository at this point in the history

Commits on Nov 9, 2022

  1. Update README.md 

    Update commit SHA to latest v2.0.0
    @varunsh-coder
    varunsh-coder authored Nov 9, 2022
    Configuration menu
    Copy the full SHA
    3c50773 View commit details
    Browse the repository at this point in the history

  2. Merge pull request #210 from step-security/varunsh-coder-patch-1 

    Update README.md
    @varunsh-coder
    varunsh-coder authored Nov 9, 2022
    Configuration menu
    Copy the full SHA
    8391994 View commit details
    Browse the repository at this point in the history

  3. Bump step-security/harden-runner from 1.5.0 to 2.0.0 

    Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 1.5.0 to 2.0.0.
- [Release notes](https://github.com/step-security/harden-runner/releases)
- [Commits](2e205a2...ebacdc2)

---
updated-dependencies:
- dependency-name: step-security/harden-runner
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
    @dependabot
    dependabot[bot] authored Nov 9, 2022
    Configuration menu
    Copy the full SHA
    e283d58 View commit details
    Browse the repository at this point in the history

  4. Merge pull request #206 from step-security/dependabot/github_actions/… 

    …github/codeql-action-2.1.31

Bump github/codeql-action from 2.1.29 to 2.1.31
    @varunsh-coder
    varunsh-coder authored Nov 9, 2022
    Configuration menu
    Copy the full SHA
    77dc0c0 View commit details
    Browse the repository at this point in the history

  5. Merge pull request #211 from step-security/dependabot/github_actions/… 

    …step-security/harden-runner-2.0.0

Bump step-security/harden-runner from 1.5.0 to 2.0.0
    @varunsh-coder
    varunsh-coder authored Nov 9, 2022
    Configuration menu
    Copy the full SHA
    b440145 View commit details
    Browse the repository at this point in the history

Commits on Dec 5, 2022

  1. Update gif

    @varunsh-coder
    varunsh-coder committed Dec 5, 2022
    Configuration menu
    Copy the full SHA
    e016e30 View commit details
    Browse the repository at this point in the history

  2. Update README.md

    @varunsh-coder
    varunsh-coder committed Dec 5, 2022
    Configuration menu
    Copy the full SHA
    3887580 View commit details
    Browse the repository at this point in the history

  3. Merge pull request #216 from step-security/update-readme-gif 

    Update README
    @varunsh-coder
    varunsh-coder authored Dec 5, 2022
    Configuration menu
    Copy the full SHA
    0a5820a View commit details
    Browse the repository at this point in the history

Commits on Dec 14, 2022

  1. Bump github/codeql-action from 2.1.31 to 2.1.37 

    Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.1.31 to 2.1.37.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@c3b6fce...959cbb7)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
    @dependabot
    dependabot[bot] authored Dec 14, 2022
    Configuration menu
    Copy the full SHA
    ad94cd1 View commit details
    Browse the repository at this point in the history

Commits on Dec 15, 2022

  1. Bump ossf/scorecard-action from 2.0.6 to 2.1.0 

    Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.0.6 to 2.1.0.
- [Release notes](https://github.com/ossf/scorecard-action/releases)
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md)
- [Commits](ossf/scorecard-action@99c5375...937ffa9)

---
updated-dependencies:
- dependency-name: ossf/scorecard-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
    @dependabot
    dependabot[bot] authored Dec 15, 2022
    Configuration menu
    Copy the full SHA
    ec78446 View commit details
    Browse the repository at this point in the history

  2. Merge pull request #221 from step-security/dependabot/github_actions/… 

    …ossf/scorecard-action-2.1.0

Bump ossf/scorecard-action from 2.0.6 to 2.1.0
    @varunsh-coder
    varunsh-coder authored Dec 15, 2022
    Configuration menu
    Copy the full SHA
    266a5d6 View commit details
    Browse the repository at this point in the history

Commits on Dec 22, 2022

  1. Bump ossf/scorecard-action from 2.1.0 to 2.1.2 

    Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.1.0 to 2.1.2.
- [Release notes](https://github.com/ossf/scorecard-action/releases)
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md)
- [Commits](ossf/scorecard-action@937ffa9...e38b190)

---
updated-dependencies:
- dependency-name: ossf/scorecard-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
    @dependabot
    dependabot[bot] authored Dec 22, 2022
    Configuration menu
    Copy the full SHA
    717b0e7 View commit details
    Browse the repository at this point in the history

Commits on Jan 5, 2023

  1. Bump actions/checkout from 3.1.0 to 3.3.0 

    Bumps [actions/checkout](https://github.com/actions/checkout) from 3.1.0 to 3.3.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@93ea575...ac59398)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
    @dependabot
    dependabot[bot] authored Jan 5, 2023
    Configuration menu
    Copy the full SHA
    96d83b3 View commit details
    Browse the repository at this point in the history

Commits on Jan 6, 2023

  1. Bump actions/upload-artifact from 3.1.1 to 3.1.2 

    Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3.1.1 to 3.1.2.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](actions/upload-artifact@83fd05a...0b7f8ab)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
    @dependabot
    dependabot[bot] authored Jan 6, 2023
    Configuration menu
    Copy the full SHA
    6e39bc0 View commit details
    Browse the repository at this point in the history

Commits on Jan 7, 2023

  1. Merge pull request #220 from step-security/dependabot/github_actions/… 

    …github/codeql-action-2.1.37

Bump github/codeql-action from 2.1.31 to 2.1.37
    @varunsh-coder
    varunsh-coder authored Jan 7, 2023
    Configuration menu
    Copy the full SHA
    1a7bdcd View commit details
    Browse the repository at this point in the history

  2. Merge pull request #223 from step-security/dependabot/github_actions/… 

    …ossf/scorecard-action-2.1.2

Bump ossf/scorecard-action from 2.1.0 to 2.1.2
    @varunsh-coder
    varunsh-coder authored Jan 7, 2023
    Configuration menu
    Copy the full SHA
    df4ea73 View commit details
    Browse the repository at this point in the history

  3. Merge pull request #225 from step-security/dependabot/github_actions/… 

    …actions/upload-artifact-3.1.2

Bump actions/upload-artifact from 3.1.1 to 3.1.2
    @varunsh-coder
    varunsh-coder authored Jan 7, 2023
    Configuration menu
    Copy the full SHA
    55ac879 View commit details
    Browse the repository at this point in the history

  4. Merge pull request #224 from step-security/dependabot/github_actions/… 

    …actions/checkout-3.3.0

Bump actions/checkout from 3.1.0 to 3.3.0
    @varunsh-coder
    varunsh-coder authored Jan 7, 2023
    Configuration menu
    Copy the full SHA
    8a1ef77 View commit details
    Browse the repository at this point in the history

Commits on Jan 13, 2023

  1. Add step-security insights url in job summary (#227)

    @varunsh-coder
    varunsh-coder authored Jan 13, 2023
    Configuration menu
    Copy the full SHA
    18bf8ad View commit details
    Browse the repository at this point in the history
Loading