From 0dcce4afbd53ccc518f797683768c1660fe9161a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 9 Nov 2022 08:01:36 +0000 Subject: [PATCH] :seedling: Bump step-security/harden-runner from 1.5.0 to 2.0.0 Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 1.5.0 to 2.0.0. - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](https://github.com/step-security/harden-runner/compare/2e205a28d0e1da00c5f53b161f4067b052c61f34...ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/codeql-analysis.yml | 2 +- .github/workflows/docker.yml | 14 +++++----- .github/workflows/goreleaser.yaml | 2 +- .github/workflows/integration.yml | 4 +-- .github/workflows/main.yml | 40 +++++++++++++-------------- .github/workflows/publishimage.yml | 2 +- .github/workflows/stale.yml | 2 +- .github/workflows/verify.yml | 2 +- 8 files changed, 34 insertions(+), 34 deletions(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 769942c37bb..d5aced40e9a 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -52,7 +52,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@2e205a28d0e1da00c5f53b161f4067b052c61f34 # v1 + uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 # v1 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index 12c01857f2d..32980e8c6dd 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -41,7 +41,7 @@ jobs: contents: read steps: - name: Harden Runner - uses: step-security/harden-runner@2e205a28d0e1da00c5f53b161f4067b052c61f34 # v1 + uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 # v1 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -86,7 +86,7 @@ jobs: contents: read steps: - name: Harden Runner - uses: step-security/harden-runner@2e205a28d0e1da00c5f53b161f4067b052c61f34 # v1 + uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 # v1 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -131,7 +131,7 @@ jobs: contents: read steps: - name: Harden Runner - uses: step-security/harden-runner@2e205a28d0e1da00c5f53b161f4067b052c61f34 # v1 + uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 # v1 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -176,7 +176,7 @@ jobs: contents: read steps: - name: Harden Runner - uses: step-security/harden-runner@2e205a28d0e1da00c5f53b161f4067b052c61f34 # v1 + uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 # v1 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -221,7 +221,7 @@ jobs: contents: read steps: - name: Harden Runner - uses: step-security/harden-runner@2e205a28d0e1da00c5f53b161f4067b052c61f34 # v1 + uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 # v1 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -266,7 +266,7 @@ jobs: contents: read steps: - name: Harden Runner - uses: step-security/harden-runner@2e205a28d0e1da00c5f53b161f4067b052c61f34 # v1 + uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 # v1 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -311,7 +311,7 @@ jobs: contents: read steps: - name: Harden Runner - uses: step-security/harden-runner@2e205a28d0e1da00c5f53b161f4067b052c61f34 # v1 + uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 # v1 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs diff --git a/.github/workflows/goreleaser.yaml b/.github/workflows/goreleaser.yaml index 0d84b17dfb0..f532f91422c 100644 --- a/.github/workflows/goreleaser.yaml +++ b/.github/workflows/goreleaser.yaml @@ -31,7 +31,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@2e205a28d0e1da00c5f53b161f4067b052c61f34 # v1 + uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 # v1 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs diff --git a/.github/workflows/integration.yml b/.github/workflows/integration.yml index 4c525c0d94a..209f5f3177e 100644 --- a/.github/workflows/integration.yml +++ b/.github/workflows/integration.yml @@ -25,7 +25,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@2e205a28d0e1da00c5f53b161f4067b052c61f34 # v1 + uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 # v1 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -38,7 +38,7 @@ jobs: needs: [approve] steps: - name: Harden Runner - uses: step-security/harden-runner@2e205a28d0e1da00c5f53b161f4067b052c61f34 # v1 + uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 # v1 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index fd3b7cf5cc2..f5df1559869 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -37,7 +37,7 @@ jobs: contents: read steps: - name: Harden Runner - uses: step-security/harden-runner@2e205a28d0e1da00c5f53b161f4067b052c61f34 # v1 + uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 # v1 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -77,7 +77,7 @@ jobs: contents: read steps: - name: Harden Runner - uses: step-security/harden-runner@2e205a28d0e1da00c5f53b161f4067b052c61f34 # v1 + uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 # v1 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -125,7 +125,7 @@ jobs: contents: read steps: - name: Harden Runner - uses: step-security/harden-runner@2e205a28d0e1da00c5f53b161f4067b052c61f34 # v1 + uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 # v1 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -172,7 +172,7 @@ jobs: contents: read steps: - name: Harden Runner - uses: step-security/harden-runner@2e205a28d0e1da00c5f53b161f4067b052c61f34 # v1 + uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 # v1 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -208,7 +208,7 @@ jobs: contents: read steps: - name: Harden Runner - uses: step-security/harden-runner@2e205a28d0e1da00c5f53b161f4067b052c61f34 # v1 + uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 # v1 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -256,7 +256,7 @@ jobs: contents: read steps: - name: Harden Runner - uses: step-security/harden-runner@2e205a28d0e1da00c5f53b161f4067b052c61f34 # v1 + uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 # v1 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -304,7 +304,7 @@ jobs: contents: read steps: - name: Harden Runner - uses: step-security/harden-runner@2e205a28d0e1da00c5f53b161f4067b052c61f34 # v1 + uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 # v1 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -352,7 +352,7 @@ jobs: contents: read steps: - name: Harden Runner - uses: step-security/harden-runner@2e205a28d0e1da00c5f53b161f4067b052c61f34 # v1 + uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 # v1 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -400,7 +400,7 @@ jobs: contents: read steps: - name: Harden Runner - uses: step-security/harden-runner@2e205a28d0e1da00c5f53b161f4067b052c61f34 # v1 + uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 # v1 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -448,7 +448,7 @@ jobs: contents: read steps: - name: Harden Runner - uses: step-security/harden-runner@2e205a28d0e1da00c5f53b161f4067b052c61f34 # v1 + uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 # v1 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -496,7 +496,7 @@ jobs: contents: read steps: - name: Harden Runner - uses: step-security/harden-runner@2e205a28d0e1da00c5f53b161f4067b052c61f34 # v1 + uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 # v1 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -544,7 +544,7 @@ jobs: contents: read steps: - name: Harden Runner - uses: step-security/harden-runner@2e205a28d0e1da00c5f53b161f4067b052c61f34 # v1 + uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 # v1 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -592,7 +592,7 @@ jobs: contents: read steps: - name: Harden Runner - uses: step-security/harden-runner@2e205a28d0e1da00c5f53b161f4067b052c61f34 # v1 + uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 # v1 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -640,7 +640,7 @@ jobs: contents: read steps: - name: Harden Runner - uses: step-security/harden-runner@2e205a28d0e1da00c5f53b161f4067b052c61f34 # v1 + uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 # v1 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -688,7 +688,7 @@ jobs: contents: read steps: - name: Harden Runner - uses: step-security/harden-runner@2e205a28d0e1da00c5f53b161f4067b052c61f34 # v1 + uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 # v1 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -735,7 +735,7 @@ jobs: contents: read steps: - name: Harden Runner - uses: step-security/harden-runner@2e205a28d0e1da00c5f53b161f4067b052c61f34 # v1 + uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 # v1 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -765,7 +765,7 @@ jobs: contents: read steps: - name: Harden Runner - uses: step-security/harden-runner@2e205a28d0e1da00c5f53b161f4067b052c61f34 # v1 + uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 # v1 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -808,7 +808,7 @@ jobs: contents: read steps: - name: Harden Runner - uses: step-security/harden-runner@2e205a28d0e1da00c5f53b161f4067b052c61f34 # v1 + uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 # v1 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: Install Protoc @@ -854,7 +854,7 @@ jobs: contents: read steps: - name: Harden Runner - uses: step-security/harden-runner@2e205a28d0e1da00c5f53b161f4067b052c61f34 # v1 + uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 # v1 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -889,7 +889,7 @@ jobs: contents: read steps: - name: Harden Runner - uses: step-security/harden-runner@2e205a28d0e1da00c5f53b161f4067b052c61f34 # v1 + uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 # v1 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs diff --git a/.github/workflows/publishimage.yml b/.github/workflows/publishimage.yml index 9158a972130..2d427471749 100644 --- a/.github/workflows/publishimage.yml +++ b/.github/workflows/publishimage.yml @@ -35,7 +35,7 @@ jobs: COSIGN_EXPERIMENTAL: "true" steps: - name: Harden Runner - uses: step-security/harden-runner@2e205a28d0e1da00c5f53b161f4067b052c61f34 + uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index ccb309b2a4e..077a04d67bf 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -27,7 +27,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@2e205a28d0e1da00c5f53b161f4067b052c61f34 # v1 + uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 # v1 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs diff --git a/.github/workflows/verify.yml b/.github/workflows/verify.yml index c942d728261..49072b4cc40 100644 --- a/.github/workflows/verify.yml +++ b/.github/workflows/verify.yml @@ -26,7 +26,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@2e205a28d0e1da00c5f53b161f4067b052c61f34 # v1 + uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 # v1 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs