Skip to content

Bump step-security/harden-runner from 2.10.1 to 2.10.2 #383

Bump step-security/harden-runner from 2.10.1 to 2.10.2

Bump step-security/harden-runner from 2.10.1 to 2.10.2 #383

Workflow file for this run

# This workflow will triage pull requests and apply a label based on the
# paths that are modified in the pull request.
#
# To use this workflow, you will need to set up a .github/labeler.yml
# file with configuration. For more information, see:
# https://github.com/actions/labeler/blob/master/README.md
name: Labeler
on:
# Note: potential security risk from this action using pull_request_target.
# Do not add actions in here which need a checkout of the repo, and do not use any caching in here.
# See: https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#pull_request_target
pull_request_target:
types:
- opened
- reopened
- synchronize
permissions:
contents: read
jobs:
label:
name: Label
runs-on: ubuntu-latest
permissions:
pull-requests: write
steps:
- name: Harden Runner
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
with:
disable-sudo: true
egress-policy: block
allowed-endpoints: >
api.github.com:443
- name: Labeler
uses: actions/labeler@8558fd74291d67161a8a78ce36a881fa63b766a9 # v5.0.0
with:
repo-token: "${{ secrets.GITHUB_TOKEN }}"