From ffb276685f14a280029f82b51d1921a3b6d156ad Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 10 Sep 2024 23:16:02 +0000 Subject: [PATCH] chore(deps): update step-security/harden-runner action to v2.10.0 --- .github/workflows/audit-signatures.yml | 2 +- .github/workflows/ci.yml | 4 ++-- .github/workflows/codeql-analysis.yml | 2 +- .github/workflows/dependency-review.yml | 2 +- .github/workflows/e2e.yml | 4 ++-- .github/workflows/lint.yml | 4 ++-- .github/workflows/push-tag.yml | 4 ++-- .github/workflows/static-code-analysis.yml | 2 +- 8 files changed, 12 insertions(+), 12 deletions(-) diff --git a/.github/workflows/audit-signatures.yml b/.github/workflows/audit-signatures.yml index 606f322f..f42840c4 100644 --- a/.github/workflows/audit-signatures.yml +++ b/.github/workflows/audit-signatures.yml @@ -18,7 +18,7 @@ jobs: contents: read steps: - name: Harden Runner - uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 + uses: step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858 # v2.10.0 with: disable-sudo: true allowed-endpoints: > diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 8f4b56f0..273d48cf 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -32,7 +32,7 @@ jobs: - locked steps: - name: Harden Runner - uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 + uses: step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858 # v2.10.0 with: disable-sudo: false disable-file-monitoring: true @@ -68,7 +68,7 @@ jobs: NO_UPDATE_NOTIFIER: "true" steps: - name: Harden Runner - uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 + uses: step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858 # v2.10.0 with: disable-sudo: true egress-policy: block diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index d090ef08..0ea63fda 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -31,7 +31,7 @@ jobs: - javascript steps: - name: Harden Runner - uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 + uses: step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858 # v2.10.0 with: disable-sudo: true egress-policy: block diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index ff346b8c..decd5e81 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -15,7 +15,7 @@ jobs: pull-requests: write steps: - name: Harden Runner - uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 + uses: step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858 # v2.10.0 with: egress-policy: block allowed-endpoints: > diff --git a/.github/workflows/e2e.yml b/.github/workflows/e2e.yml index 88cf6300..697f0142 100644 --- a/.github/workflows/e2e.yml +++ b/.github/workflows/e2e.yml @@ -34,7 +34,7 @@ jobs: - beta-php8.2 steps: - name: Harden Runner - uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 + uses: step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858 # v2.10.0 with: disable-file-monitoring: true egress-policy: block @@ -100,7 +100,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 + uses: step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858 # v2.10.0 with: disable-file-monitoring: true egress-policy: block diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index af28509d..f1f98fda 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -22,7 +22,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 + uses: step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858 # v2.10.0 with: disable-sudo: false egress-policy: audit @@ -62,7 +62,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 + uses: step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858 # v2.10.0 with: disable-sudo: true egress-policy: block diff --git a/.github/workflows/push-tag.yml b/.github/workflows/push-tag.yml index 5724e702..7888dd0f 100644 --- a/.github/workflows/push-tag.yml +++ b/.github/workflows/push-tag.yml @@ -18,7 +18,7 @@ jobs: attestations: write steps: - name: Harden Runner - uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 + uses: step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858 # v2.10.0 with: egress-policy: block allowed-endpoints: > @@ -65,7 +65,7 @@ jobs: environment: deploy steps: - name: Harden Runner - uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 + uses: step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858 # v2.10.0 with: disable-file-monitoring: true egress-policy: block diff --git a/.github/workflows/static-code-analysis.yml b/.github/workflows/static-code-analysis.yml index 7c568ba1..d3dff27d 100644 --- a/.github/workflows/static-code-analysis.yml +++ b/.github/workflows/static-code-analysis.yml @@ -22,7 +22,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 + uses: step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858 # v2.10.0 with: disable-file-monitoring: true egress-policy: block