From 3c8c870a62ee78700e81fb37980ce96822d6e124 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 18 Nov 2024 23:49:24 +0000 Subject: [PATCH] Bump step-security/harden-runner Bumps the github_actions group with 1 update in the /.github/workflows directory: [step-security/harden-runner](https://github.com/step-security/harden-runner). Updates `step-security/harden-runner` from 1 to 2.10.2 - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](https://github.com/step-security/harden-runner/compare/v1...v2.10.2) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-type: direct:production dependency-group: github_actions ... Signed-off-by: dependabot[bot] --- .github/workflows/latest-npm.yml | 6 +++--- .github/workflows/lint.yml | 8 ++++---- .github/workflows/rebase.yml | 2 +- .github/workflows/release.yml | 2 +- .github/workflows/require-allow-edits.yml | 2 +- .github/workflows/shellcheck.yml | 4 ++-- .github/workflows/tests.yml | 2 +- .github/workflows/toc.yml | 2 +- 8 files changed, 14 insertions(+), 14 deletions(-) diff --git a/.github/workflows/latest-npm.yml b/.github/workflows/latest-npm.yml index 954087bd13..bc4485b5b6 100644 --- a/.github/workflows/latest-npm.yml +++ b/.github/workflows/latest-npm.yml @@ -9,7 +9,7 @@ jobs: latest: ${{ steps.set-matrix.outputs.requireds }} steps: - name: Harden Runner - uses: step-security/harden-runner@v1 + uses: step-security/harden-runner@v2.10.2 with: allowed-endpoints: iojs.org:443 @@ -46,7 +46,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@v1 + uses: step-security/harden-runner@v2.10.2 with: allowed-endpoints: github.com:443 @@ -75,7 +75,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@v1 + uses: step-security/harden-runner@v2.10.2 with: egress-policy: block - run: 'echo tests completed' diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index e9d06ce736..e25b3a3f50 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -8,7 +8,7 @@ jobs: contents: read runs-on: ubuntu-latest steps: - - uses: step-security/harden-runner@v1 + - uses: step-security/harden-runner@v2.10.2 with: allowed-endpoints: github.com:443 @@ -27,7 +27,7 @@ jobs: contents: read runs-on: ubuntu-latest steps: - - uses: step-security/harden-runner@v1 + - uses: step-security/harden-runner@v2.10.2 with: allowed-endpoints: ghcr.io:443 @@ -48,7 +48,7 @@ jobs: contents: read runs-on: ubuntu-latest steps: - - uses: step-security/harden-runner@v1 + - uses: step-security/harden-runner@v2.10.2 with: allowed-endpoints: github.com:443 @@ -67,7 +67,7 @@ jobs: contents: read runs-on: ubuntu-latest steps: - - uses: step-security/harden-runner@v1 + - uses: step-security/harden-runner@v2.10.2 with: allowed-endpoints: github.com:443 diff --git a/.github/workflows/rebase.yml b/.github/workflows/rebase.yml index d464077f99..0b1e708dd1 100644 --- a/.github/workflows/rebase.yml +++ b/.github/workflows/rebase.yml @@ -12,7 +12,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@v1 + uses: step-security/harden-runner@v2.10.2 with: allowed-endpoints: api.github.com:443 diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index d7baf30247..05095adeb5 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -9,7 +9,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@v1 + uses: step-security/harden-runner@v2.10.2 with: allowed-endpoints: github.com:443 diff --git a/.github/workflows/require-allow-edits.yml b/.github/workflows/require-allow-edits.yml index 427eecbc76..e3c25e4446 100644 --- a/.github/workflows/require-allow-edits.yml +++ b/.github/workflows/require-allow-edits.yml @@ -12,7 +12,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@v1 + uses: step-security/harden-runner@v2.10.2 with: allowed-endpoints: api.github.com:443 diff --git a/.github/workflows/shellcheck.yml b/.github/workflows/shellcheck.yml index 00772d2391..a0f0cfc073 100644 --- a/.github/workflows/shellcheck.yml +++ b/.github/workflows/shellcheck.yml @@ -27,7 +27,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@v1 + uses: step-security/harden-runner@v2.10.2 with: allowed-endpoints: ghcr.io:443 @@ -52,7 +52,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@v1 + uses: step-security/harden-runner@v2.10.2 with: egress-policy: block - run: 'echo tests completed' diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index a17a71ec2d..4be9e0a04a 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -26,7 +26,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@v1 + uses: step-security/harden-runner@v2.10.2 with: allowed-endpoints: github.com:443 diff --git a/.github/workflows/toc.yml b/.github/workflows/toc.yml index b89fa957be..f2f5a45404 100644 --- a/.github/workflows/toc.yml +++ b/.github/workflows/toc.yml @@ -12,7 +12,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@v1 + uses: step-security/harden-runner@v2.10.2 with: allowed-endpoints: github.com:443