From d66caf9a9c659ba8ae4c3fa5ededa428fe846b85 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 22 May 2024 14:37:07 +0000 Subject: [PATCH] --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/codeql-analysis.yml | 2 +- .github/workflows/dependency-review.yml | 2 +- .github/workflows/stale-issues.yml | 2 +- .github/workflows/sync-labels.yml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 4113931..8bad4e8 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -44,7 +44,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # tag=v2.7.0 + uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # tag=v2.8.0 with: # TODO: change to 'egress-policy: block' after couple of runs egress-policy: audit diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index 1c07122..c776a9b 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -12,7 +12,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # tag=v2.7.0 + uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # tag=v2.8.0 with: # TODO: change to 'egress-policy: block' after couple of runs egress-policy: audit - name: 'Checkout Repository' diff --git a/.github/workflows/stale-issues.yml b/.github/workflows/stale-issues.yml index 5998c2b..befcd39 100644 --- a/.github/workflows/stale-issues.yml +++ b/.github/workflows/stale-issues.yml @@ -14,7 +14,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # tag=v2.7.0 + uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # tag=v2.8.0 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs diff --git a/.github/workflows/sync-labels.yml b/.github/workflows/sync-labels.yml index adbb0ec..4ad6885 100644 --- a/.github/workflows/sync-labels.yml +++ b/.github/workflows/sync-labels.yml @@ -20,7 +20,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # tag=v2.7.0 + uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # tag=v2.8.0 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # tag=v4.1.2