From b1b4aeba9f6f6b2db6bb05b86ce3cd4ab4659713 Mon Sep 17 00:00:00 2001
From: Myrotvorets
Date: Tue, 3 Sep 2024 03:57:03 +0300
Subject: [PATCH] Update workflows
---
 .github/workflows/npm-publish.yml | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)
diff --git a/.github/workflows/npm-publish.yml b/.github/workflows/npm-publish.yml
index 7c13abd..370cda8 100644
--- a/.github/workflows/npm-publish.yml
+++ b/.github/workflows/npm-publish.yml
@@ -67,7 +67,16 @@ jobs:
 uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
 with:
 disable-sudo: true
- egress-policy: audit
+ egress-policy: block
+ allowed-endpoints: >
+ api.github.com:443
+ github.com:443
+ objects.githubusercontent.com:443
+ nodejs.org:443
+ fulcio.sigstore.dev:443
+ registry.npmjs.org:443
+ rekor.sigstore.dev:443
+ npm.pkg.github.com:443
 - name: Publish package
 uses: myrotvorets/composite-actions/node-publish@master
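Review bot: The new `allowed-endpoints` list carries no record of which step needs which host, so a later reader cannot tell whether an entry is still required or can be dropped; a comment above the key such as `# setup-node: nodejs.org; publish: registry.npmjs.org, npm.pkg.github.com; provenance: fulcio/rekor.sigstore.dev` would make the allowlist auditable (that mapping is inferred from the host names, so confirm it against the audit-mode insights before committing it). With `egress-policy: block`, a request to any host missing from the list is blocked, and the publish step in the trailing context is referenced as `@master`, so its network needs can change without this file changing; pinning it to a commit SHA, as is already done for harden-runner, would keep the allowlist and the action it constrains in step. The job definition starts and ends outside the hunk.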