Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

ci(action): update step-security/harden-runner action to v2.7.0 #846

Merged
merged 1 commit into from
Mar 7, 2024

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Jan 31, 2024

Mend Renovate

This PR contains the following updates:

Package Type Update Change OpenSSF
step-security/harden-runner action minor v2.6.1 -> v2.7.0 OpenSSF Scorecard

Release Notes

step-security/harden-runner (step-security/harden-runner)

v2.7.0

Compare Source

What's Changed

Release 2.7.0 by @​varunsh-coder and @​h0x0er in https://github.com/step-security/harden-runner/pull/376
This release:

  1. Updates the node runtime to node20
  2. Adds capability to inspect outbound HTTPS traffic on GitHub-hosted and self-hosted VM runners

Full Changelog: step-security/harden-runner@v2...v2.7.0


Configuration

📅 Schedule: Branch creation - "before 5am every weekday,every weekend" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

@renovate renovate bot added the dependencies Pull requests that update a dependency file label Jan 31, 2024
@renovate renovate bot force-pushed the renovate/step-security-harden-runner-2.x branch from 9b1d4fa to ea5fc3d Compare March 7, 2024 15:21
@renovate renovate bot force-pushed the renovate/step-security-harden-runner-2.x branch from ea5fc3d to 8d10ff9 Compare March 7, 2024 16:50
@sheerlox sheerlox merged commit f1a8486 into main Mar 7, 2024
19 checks passed
@sheerlox sheerlox deleted the renovate/step-security-harden-runner-2.x branch March 7, 2024 17:19
ncb000gt pushed a commit that referenced this pull request Apr 8, 2024
## [3.1.7](v3.1.6...v3.1.7) (2024-04-08)

### 🛠 Builds

* **deps:** update dependency [@types](https://github.com/types)/luxon to ~3.4.0 ([#831](#831)) ([7c31bae](7c31bae))

### ⚙️ Continuous Integrations

* **action:** prevent duplicate checks on Renovate PRs ([#784](#784)) ([6b56a36](6b56a36))
* **action:** update actions/setup-node digest to 60edb5d ([#821](#821)) ([f05b75e](f05b75e))
* **action:** update actions/upload-artifact action to v4 ([#856](#856)) ([46d6660](46d6660))
* **action:** update amannn/action-semantic-pull-request digest to e9fabac ([#849](#849)) ([d96457c](d96457c))
* **action:** update github/codeql-action action to v2.22.6 ([#783](#783)) [skip ci] ([687fd43](687fd43))
* **action:** update github/codeql-action action to v2.22.7 ([#787](#787)) ([a0204d8](a0204d8))
* **action:** update github/codeql-action action to v2.22.8 ([#797](#797)) ([323f48c](323f48c))
* **action:** update github/codeql-action action to v3 ([#817](#817)) ([69d2695](69d2695))
* **action:** update insurgent-lab/is-in-pr-action action to v0.1.4 ([#790](#790)) ([8e85b13](8e85b13))
* **action:** update insurgent-lab/is-in-pr-action action to v0.1.5 ([#798](#798)) ([76751d2](76751d2))
* **action:** update insurgent-lab/is-in-pr-action action to v0.2.0 ([#853](#853)) ([cc3fcbd](cc3fcbd))
* **action:** update marocchino/sticky-pull-request-comment digest to 331f8f5 ([#850](#850)) ([a477f08](a477f08))
* **action:** update step-security/harden-runner action to v2.6.1 ([#788](#788)) [skip ci] ([2e5ca52](2e5ca52))
* **action:** update step-security/harden-runner action to v2.7.0 ([#846](#846)) ([f1a8486](f1a8486))
* fix renovate skipping checks ([#796](#796)) ([3b00555](3b00555))

### ♻️ Chores

* **deps:** lock file maintenance ([38979af](38979af))
* **deps:** lock file maintenance ([dc5b205](dc5b205))
* **deps:** lock file maintenance ([77ddb73](77ddb73))
* **deps:** lock file maintenance ([03eea6c](03eea6c))
* **deps:** lock file maintenance ([94e8aac](94e8aac))
* **deps:** lock file maintenance ([142c2d1](142c2d1))
* **deps:** lock file maintenance ([c70bd32](c70bd32))
* **deps:** lock file maintenance ([e0931ca](e0931ca))
* **deps:** lock file maintenance ([effe686](effe686))
* **deps:** lock file maintenance ([#763](#763)) ([5d17388](5d17388))
* **deps:** lock file maintenance ([#771](#771)) ([cf3d5e8](cf3d5e8))
* **deps:** lock file maintenance ([#781](#781)) ([6a00c1e](6a00c1e))
* **deps:** lock file maintenance ([#793](#793)) ([bcbc778](bcbc778))
* **deps:** lock file maintenance ([#804](#804)) ([2e72c8f](2e72c8f))
* **deps:** update dependency [@commitlint](https://github.com/commitlint)/cli to v18.4.3 ([8c8acf7](8c8acf7))
* **deps:** update dependency [@commitlint](https://github.com/commitlint)/cli to v18.4.4 ([2572023](2572023))
* **deps:** update dependency [@commitlint](https://github.com/commitlint)/cli to v18.6.0 ([22e8a0f](22e8a0f))
* **deps:** update dependency [@commitlint](https://github.com/commitlint)/cli to v18.6.1 ([e34c9d1](e34c9d1))
* **deps:** update dependency [@fast-check](https://github.com/fast-check)/jest to v1.8.0 ([689eea4](689eea4))
* **deps:** update dependency [@fast-check](https://github.com/fast-check)/jest to v1.8.1 ([a6a120c](a6a120c))
* **deps:** update dependency [@insurgent](https://github.com/insurgent)/conventional-changelog-preset to v9.0.1 ([39ae9c1](39ae9c1))
* **deps:** update dependency [@semantic-release](https://github.com/semantic-release)/github to v9.2.4 ([be59173](be59173))
* **deps:** update dependency [@semantic-release](https://github.com/semantic-release)/github to v9.2.6 ([4c994df](4c994df))
* **deps:** update dependency [@semantic-release](https://github.com/semantic-release)/npm to v11.0.1 ([#770](#770)) ([72f9dea](72f9dea))
* **deps:** update dependency [@semantic-release](https://github.com/semantic-release)/npm to v11.0.3 ([d62bc05](d62bc05))
* **deps:** update dependency [@types](https://github.com/types)/jest to v29.5.11 ([8fe499f](8fe499f))
* **deps:** update dependency [@types](https://github.com/types)/jest to v29.5.12 ([621f556](621f556))
* **deps:** update dependency [@types](https://github.com/types)/jest to v29.5.7 ([#765](#765)) [skip ci] ([3b9b43d](3b9b43d))
* **deps:** update dependency [@types](https://github.com/types)/node to v20.10.0 ([3111ecd](3111ecd))
* **deps:** update dependency [@types](https://github.com/types)/node to v20.10.4 ([b0853e7](b0853e7))
* **deps:** update dependency [@types](https://github.com/types)/node to v20.10.5 ([35ee733](35ee733))
* **deps:** update dependency [@types](https://github.com/types)/node to v20.10.7 ([603fdfa](603fdfa))
* **deps:** update dependency [@types](https://github.com/types)/node to v20.11.0 ([a1a38fe](a1a38fe))
* **deps:** update dependency [@types](https://github.com/types)/node to v20.11.13 ([c42b5e9](c42b5e9))
* **deps:** update dependency [@types](https://github.com/types)/node to v20.11.17 ([f37f31c](f37f31c))
* **deps:** update dependency [@types](https://github.com/types)/node to v20.11.19 ([c3bdd6d](c3bdd6d))
* **deps:** update dependency [@types](https://github.com/types)/node to v20.11.24 ([fb4a087](fb4a087))
* **deps:** update dependency [@types](https://github.com/types)/node to v20.11.25 ([4b22794](4b22794))
* **deps:** update dependency [@types](https://github.com/types)/node to v20.11.26 ([166563d](166563d))
* **deps:** update dependency [@types](https://github.com/types)/node to v20.11.27 ([8c14927](8c14927))
* **deps:** update dependency [@types](https://github.com/types)/node to v20.11.28 ([bf7efeb](bf7efeb))
* **deps:** update dependency [@types](https://github.com/types)/node to v20.11.30 ([ed26da9](ed26da9))
* **deps:** update dependency [@types](https://github.com/types)/node to v20.11.5 ([8838ae5](8838ae5))
* **deps:** update dependency [@types](https://github.com/types)/node to v20.11.8 ([006f6fc](006f6fc))
* **deps:** update dependency [@types](https://github.com/types)/node to v20.12.2 ([f6bf108](f6bf108))
* **deps:** update dependency [@types](https://github.com/types)/node to v20.12.3 ([30648f8](30648f8))
* **deps:** update dependency [@types](https://github.com/types)/node to v20.12.4 ([7d5cf86](7d5cf86))
* **deps:** update dependency [@types](https://github.com/types)/node to v20.8.10 ([#768](#768)) [skip ci] ([6a91b78](6a91b78))
* **deps:** update dependency [@types](https://github.com/types)/node to v20.9.0 ([6d972d5](6d972d5))
* **deps:** update dependency [@types](https://github.com/types)/node to v20.9.1 ([1817d85](1817d85))
* **deps:** update dependency [@types](https://github.com/types)/node to v20.9.2 ([a9fb08b](a9fb08b))
* **deps:** update dependency [@types](https://github.com/types)/node to v20.9.4 ([05124bb](05124bb))
* **deps:** update dependency [@types](https://github.com/types)/node to v20.9.5 ([a32ba3d](a32ba3d))
* **deps:** update dependency [@types](https://github.com/types)/sinon to v17 ([#774](#774)) [skip ci] ([6ab97db](6ab97db))
* **deps:** update dependency [@typescript-eslint](https://github.com/typescript-eslint)/eslint-plugin to v6.11.0 ([d41dfa3](d41dfa3))
* **deps:** update dependency [@typescript-eslint](https://github.com/typescript-eslint)/eslint-plugin to v6.12.0 ([bd2e981](bd2e981))
* **deps:** update dependency [@typescript-eslint](https://github.com/typescript-eslint)/eslint-plugin to v6.13.1 ([#806](#806)) ([d696565](d696565))
* **deps:** update dependency [@typescript-eslint](https://github.com/typescript-eslint)/eslint-plugin to v6.13.2 ([d614393](d614393))
* **deps:** update dependency [@typescript-eslint](https://github.com/typescript-eslint)/eslint-plugin to v6.9.1 ([#766](#766)) [skip ci] ([4d2bfe6](4d2bfe6))
* **deps:** update dependency chai to v4.4.1 ([cd26e74](cd26e74))
* **deps:** update dependency eslint to v8.53.0 ([#773](#773)) [skip ci] ([8dea8d7](8dea8d7))
* **deps:** update dependency eslint to v8.54.0 ([ef4a99c](ef4a99c))
* **deps:** update dependency eslint to v8.55.0 ([f5578ac](f5578ac))
* **deps:** update dependency eslint-config-prettier to v9.1.0 ([ba1df8b](ba1df8b))
* **deps:** update dependency eslint-plugin-jest to v27.6.0 ([#762](#762)) ([615b06f](615b06f))
* **deps:** update dependency eslint-plugin-jest to v27.8.0 ([ca9c72d](ca9c72d))
* **deps:** update dependency prettier to v3.1.1 ([f31bd3b](f31bd3b))
* **deps:** update dependency semantic-release to v22.0.6 ([#767](#767)) [skip ci] ([230291a](230291a))
* **deps:** update dependency semantic-release to v22.0.9 ([ac87eba](ac87eba))
* **deps:** update dependency sinon to v17.0.1 ([#769](#769)) [skip ci] ([bf2bdfb](bf2bdfb))
* **deps:** update dependency ts-jest to v29.1.2 ([6f8af23](6f8af23))
* **deps:** update dependency typescript to v5.3.2 ([#802](#802)) ([0f541a4](0f541a4))
* **deps:** update dependency typescript to v5.3.3 ([4f470c6](4f470c6))
* **deps:** update dependency typescript to v5.4.2 ([98dfa32](98dfa32))
* **deps:** update dependency typescript to v5.4.3 ([412c453](412c453))
* **deps:** update dependency typescript to v5.4.4 ([6b172b1](6b172b1))
* **deps:** update linters ([2c2fe1b](2c2fe1b))
* **deps:** update linters ([66a470a](66a470a))
* **deps:** update linters ([3010a70](3010a70))
* **deps:** update linters ([f8609df](f8609df))
* **deps:** update linters ([8937be5](8937be5))
* **deps:** update linters ([834e0f4](834e0f4))
* **deps:** update linters ([fe0d705](fe0d705))
* **deps:** update linters ([767ad39](767ad39))
* **deps:** update semantic-release related packages ([38096a9](38096a9))
* **deps:** update semantic-release related packages ([a5cd89d](a5cd89d))
* **deps:** update semantic-release related packages ([#772](#772)) [skip ci] ([4a654a7](4a654a7))
* **deps:** update semantic-release related packages ([#777](#777)) ([898254c](898254c))
* **deps:** update tests ([eb417b6](eb417b6))
* **deps:** update tests ([0cdd4a3](0cdd4a3))
* **deps:** update tests ([#800](#800)) ([ea1a22b](ea1a22b))
* reduce renovate updates noise ([#750](#750)) ([661722f](661722f))
* reflect insurgentlab scope update in config files ([#785](#785)) ([edf67d0](edf67d0))
@ncb000gt
Copy link
Member

ncb000gt commented Apr 8, 2024

🎉 This PR is included in version 3.1.7 🎉

The release is available on:

Your semantic-release bot 📦🚀

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file released
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants