From a6aa0665d067b5833b7733540195cd8a46e06666 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 15 Jan 2023 23:04:11 -0800 Subject: [PATCH] Bump step-security/harden-runner from 2.0.0 to 2.1.0 (#861) Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.0.0 to 2.1.0. - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](https://github.com/step-security/harden-runner/compare/ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5...18bf8ad2ca49c14cbb28b91346d626ccfb00c518) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/analysis.yml | 2 +- .github/workflows/benchmarks.yml | 2 +- .github/workflows/build.yml | 10 +++++----- .github/workflows/codacy.yml | 2 +- .github/workflows/codeql.yml | 2 +- .github/workflows/dependency-check.yml | 2 +- .github/workflows/dependency-review.yml | 2 +- .github/workflows/dependency-submission.yml | 2 +- .github/workflows/devskim.yml | 2 +- .github/workflows/examples.yml | 2 +- .github/workflows/gradle-wrapper-validation.yml | 2 +- .github/workflows/qodana.yml | 2 +- .github/workflows/release.yml | 2 +- .github/workflows/semgrep.yml | 2 +- .github/workflows/snyke.yml | 2 +- .github/workflows/spelling.yml | 2 +- 16 files changed, 20 insertions(+), 20 deletions(-) diff --git a/.github/workflows/analysis.yml b/.github/workflows/analysis.yml index 4bb292678f..2836f0a763 100644 --- a/.github/workflows/analysis.yml +++ b/.github/workflows/analysis.yml @@ -12,7 +12,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 + uses: step-security/harden-runner@18bf8ad2ca49c14cbb28b91346d626ccfb00c518 with: disable-sudo: true egress-policy: audit diff --git a/.github/workflows/benchmarks.yml b/.github/workflows/benchmarks.yml index 8d062848a1..6b808cdccc 100644 --- a/.github/workflows/benchmarks.yml +++ b/.github/workflows/benchmarks.yml @@ -17,7 +17,7 @@ jobs: JAVA_VERSION: ${{ matrix.java }} steps: - name: Harden Runner - uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 + uses: step-security/harden-runner@18bf8ad2ca49c14cbb28b91346d626ccfb00c518 with: disable-sudo: true egress-policy: audit diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 34a5fa491e..0cbd904f19 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -46,7 +46,7 @@ jobs: JAVA_VERSION: ${{ matrix.java }} steps: - name: Harden Runner - uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 + uses: step-security/harden-runner@18bf8ad2ca49c14cbb28b91346d626ccfb00c518 with: disable-sudo: true egress-policy: block @@ -134,7 +134,7 @@ jobs: JAVA_VERSION: ${{ matrix.java }} steps: - name: Harden Runner - uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 + uses: step-security/harden-runner@18bf8ad2ca49c14cbb28b91346d626ccfb00c518 with: disable-sudo: true egress-policy: block @@ -177,7 +177,7 @@ jobs: if: github.event_name == 'push' steps: - name: Harden Runner - uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 + uses: step-security/harden-runner@18bf8ad2ca49c14cbb28b91346d626ccfb00c518 with: disable-sudo: true egress-policy: block @@ -242,7 +242,7 @@ jobs: checks: write steps: - name: Harden Runner - uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 + uses: step-security/harden-runner@18bf8ad2ca49c14cbb28b91346d626ccfb00c518 with: disable-sudo: true egress-policy: block @@ -290,7 +290,7 @@ jobs: && endsWith(github.ref, github.event.repository.default_branch) steps: - name: Harden Runner - uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 + uses: step-security/harden-runner@18bf8ad2ca49c14cbb28b91346d626ccfb00c518 with: disable-sudo: true egress-policy: block diff --git a/.github/workflows/codacy.yml b/.github/workflows/codacy.yml index 79ca7c5a76..3a5380d56d 100644 --- a/.github/workflows/codacy.yml +++ b/.github/workflows/codacy.yml @@ -11,7 +11,7 @@ jobs: security-events: write steps: - name: Harden Runner - uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 + uses: step-security/harden-runner@18bf8ad2ca49c14cbb28b91346d626ccfb00c518 with: disable-sudo: true egress-policy: audit diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 99b626c354..b7dbbf8dec 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -31,7 +31,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 + uses: step-security/harden-runner@18bf8ad2ca49c14cbb28b91346d626ccfb00c518 with: egress-policy: audit - name: Checkout repository diff --git a/.github/workflows/dependency-check.yml b/.github/workflows/dependency-check.yml index a76577a1b1..b95367a468 100644 --- a/.github/workflows/dependency-check.yml +++ b/.github/workflows/dependency-check.yml @@ -20,7 +20,7 @@ jobs: security-events: write steps: - name: Harden Runner - uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 + uses: step-security/harden-runner@18bf8ad2ca49c14cbb28b91346d626ccfb00c518 with: disable-sudo: true egress-policy: audit diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index c2031258b0..10a0ec642c 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -9,7 +9,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 + uses: step-security/harden-runner@18bf8ad2ca49c14cbb28b91346d626ccfb00c518 with: disable-sudo: true egress-policy: audit diff --git a/.github/workflows/dependency-submission.yml b/.github/workflows/dependency-submission.yml index 0727905254..770061c071 100644 --- a/.github/workflows/dependency-submission.yml +++ b/.github/workflows/dependency-submission.yml @@ -16,7 +16,7 @@ jobs: contents: write steps: - name: Harden Runner - uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 + uses: step-security/harden-runner@18bf8ad2ca49c14cbb28b91346d626ccfb00c518 with: disable-sudo: true egress-policy: audit diff --git a/.github/workflows/devskim.yml b/.github/workflows/devskim.yml index d4fb715270..7723a1e5f5 100644 --- a/.github/workflows/devskim.yml +++ b/.github/workflows/devskim.yml @@ -19,7 +19,7 @@ jobs: security-events: write steps: - name: Harden Runner - uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 + uses: step-security/harden-runner@18bf8ad2ca49c14cbb28b91346d626ccfb00c518 with: disable-sudo: true egress-policy: audit diff --git a/.github/workflows/examples.yml b/.github/workflows/examples.yml index c466f40fd1..dcd7bbc8b5 100644 --- a/.github/workflows/examples.yml +++ b/.github/workflows/examples.yml @@ -12,7 +12,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 + uses: step-security/harden-runner@18bf8ad2ca49c14cbb28b91346d626ccfb00c518 with: disable-sudo: true egress-policy: audit diff --git a/.github/workflows/gradle-wrapper-validation.yml b/.github/workflows/gradle-wrapper-validation.yml index 7dd932f462..b061187695 100644 --- a/.github/workflows/gradle-wrapper-validation.yml +++ b/.github/workflows/gradle-wrapper-validation.yml @@ -8,7 +8,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 + uses: step-security/harden-runner@18bf8ad2ca49c14cbb28b91346d626ccfb00c518 with: disable-sudo: true egress-policy: audit diff --git a/.github/workflows/qodana.yml b/.github/workflows/qodana.yml index c88f689aa0..4312f16ad4 100644 --- a/.github/workflows/qodana.yml +++ b/.github/workflows/qodana.yml @@ -16,7 +16,7 @@ jobs: security-events: write steps: - name: Harden Runner - uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 + uses: step-security/harden-runner@18bf8ad2ca49c14cbb28b91346d626ccfb00c518 with: disable-sudo: true egress-policy: audit diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 371060a780..97914d23c4 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -14,7 +14,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 + uses: step-security/harden-runner@18bf8ad2ca49c14cbb28b91346d626ccfb00c518 with: disable-sudo: true egress-policy: audit diff --git a/.github/workflows/semgrep.yml b/.github/workflows/semgrep.yml index 1cd99f83b8..6ba9c01a22 100644 --- a/.github/workflows/semgrep.yml +++ b/.github/workflows/semgrep.yml @@ -17,7 +17,7 @@ jobs: image: returntocorp/semgrep steps: - name: Harden Runner - uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 + uses: step-security/harden-runner@18bf8ad2ca49c14cbb28b91346d626ccfb00c518 with: disable-sudo: true egress-policy: audit diff --git a/.github/workflows/snyke.yml b/.github/workflows/snyke.yml index 924fc877dd..d9e58f1642 100644 --- a/.github/workflows/snyke.yml +++ b/.github/workflows/snyke.yml @@ -20,7 +20,7 @@ jobs: SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} steps: - name: Harden Runner - uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 + uses: step-security/harden-runner@18bf8ad2ca49c14cbb28b91346d626ccfb00c518 with: disable-sudo: true egress-policy: audit diff --git a/.github/workflows/spelling.yml b/.github/workflows/spelling.yml index 239188d838..75da8fe30b 100644 --- a/.github/workflows/spelling.yml +++ b/.github/workflows/spelling.yml @@ -8,7 +8,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 + uses: step-security/harden-runner@18bf8ad2ca49c14cbb28b91346d626ccfb00c518 with: disable-sudo: true egress-policy: audit