diff --git a/.github/workflows/check.buildifier.yml b/.github/workflows/check.buildifier.yml index d68439e..740e28d 100644 --- a/.github/workflows/check.buildifier.yml +++ b/.github/workflows/check.buildifier.yml @@ -34,7 +34,7 @@ jobs: continue-on-error: true steps: - name: Harden Runner - uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1 + uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 with: egress-policy: audit - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 diff --git a/.github/workflows/check.codeql.yml b/.github/workflows/check.codeql.yml index ca1a2d0..40cab98 100644 --- a/.github/workflows/check.codeql.yml +++ b/.github/workflows/check.codeql.yml @@ -40,7 +40,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1 + uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 with: egress-policy: audit - name: Checkout repository diff --git a/.github/workflows/check.lint-yaml.yml b/.github/workflows/check.lint-yaml.yml index 58cf21e..b01ad82 100644 --- a/.github/workflows/check.lint-yaml.yml +++ b/.github/workflows/check.lint-yaml.yml @@ -56,7 +56,7 @@ jobs: pull-requests: "read" steps: - name: Harden Runner - uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1 + uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 with: disable-sudo: true egress-policy: block @@ -83,7 +83,7 @@ jobs: pull-requests: "read" steps: - name: Harden Runner - uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1 + uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 with: disable-sudo: true egress-policy: block diff --git a/.github/workflows/check.scorecards.yml b/.github/workflows/check.scorecards.yml index 9c4dfff..d01f74b 100644 --- a/.github/workflows/check.scorecards.yml +++ b/.github/workflows/check.scorecards.yml @@ -20,7 +20,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1 + uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 with: egress-policy: audit - name: "Checkout code" diff --git a/.github/workflows/deploy.docs.yml b/.github/workflows/deploy.docs.yml index d956816..b3f1435 100644 --- a/.github/workflows/deploy.docs.yml +++ b/.github/workflows/deploy.docs.yml @@ -29,7 +29,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1 + uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 with: egress-policy: audit - name: "Setup: Checkout" @@ -55,7 +55,7 @@ jobs: continue-on-error: true steps: - name: Harden Runner - uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1 + uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 with: egress-policy: audit - name: "Deploy: GitHub Pages" diff --git a/.github/workflows/module.build.yml b/.github/workflows/module.build.yml index 87284c9..5b52cd0 100644 --- a/.github/workflows/module.build.yml +++ b/.github/workflows/module.build.yml @@ -122,7 +122,7 @@ jobs: continue-on-error: ${{ inputs.labs }} steps: - name: Harden Runner - uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1 + uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 with: disable-sudo: true egress-policy: block @@ -372,7 +372,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1 + uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 with: disable-sudo: true egress-policy: block diff --git a/.github/workflows/on.pr.yml b/.github/workflows/on.pr.yml index c75ffb5..2a8d319 100644 --- a/.github/workflows/on.pr.yml +++ b/.github/workflows/on.pr.yml @@ -32,7 +32,7 @@ jobs: contents: write steps: - name: Harden Runner - uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1 + uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 with: egress-policy: audit - name: "Setup: Checkout" @@ -50,7 +50,7 @@ jobs: pull-requests: write steps: - name: Harden Runner - uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1 + uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 with: egress-policy: audit - name: "Checkout Repository" diff --git a/.github/workflows/on.push.yml b/.github/workflows/on.push.yml index 4901412..5713b17 100644 --- a/.github/workflows/on.push.yml +++ b/.github/workflows/on.push.yml @@ -30,7 +30,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1 + uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 with: egress-policy: audit - name: "Setup: Checkout"