diff --git a/.github/workflows/bench.ci.yml b/.github/workflows/bench.ci.yml index dc70a809c7..979fb0be92 100644 --- a/.github/workflows/bench.ci.yml +++ b/.github/workflows/bench.ci.yml @@ -57,7 +57,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@cba0d00b1fc9a034e1e642ea0f1103c282990604 # v2.5.0 + uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 with: egress-policy: audit diff --git a/.github/workflows/build.ci.yml b/.github/workflows/build.ci.yml index bca92ee9b2..6c8103f018 100644 --- a/.github/workflows/build.ci.yml +++ b/.github/workflows/build.ci.yml @@ -32,7 +32,7 @@ jobs: pull-requests: "write" steps: - name: Harden Runner - uses: step-security/harden-runner@cba0d00b1fc9a034e1e642ea0f1103c282990604 # v2.5.0 + uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 with: egress-policy: audit @@ -130,7 +130,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@cba0d00b1fc9a034e1e642ea0f1103c282990604 # v2.5.0 + uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 with: egress-policy: audit @@ -231,7 +231,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@cba0d00b1fc9a034e1e642ea0f1103c282990604 # v2.5.0 + uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 with: egress-policy: audit @@ -352,7 +352,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@cba0d00b1fc9a034e1e642ea0f1103c282990604 # v2.5.0 + uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 with: egress-policy: audit @@ -452,7 +452,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@cba0d00b1fc9a034e1e642ea0f1103c282990604 # v2.5.0 + uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 with: egress-policy: audit @@ -575,7 +575,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@cba0d00b1fc9a034e1e642ea0f1103c282990604 # v2.5.0 + uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 with: egress-policy: audit @@ -670,7 +670,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@cba0d00b1fc9a034e1e642ea0f1103c282990604 # v2.5.0 + uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 with: egress-policy: audit @@ -773,7 +773,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@cba0d00b1fc9a034e1e642ea0f1103c282990604 # v2.5.0 + uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 with: egress-policy: audit diff --git a/.github/workflows/codeql.ci.yml b/.github/workflows/codeql.ci.yml index 246f48784c..b311dfbfa2 100644 --- a/.github/workflows/codeql.ci.yml +++ b/.github/workflows/codeql.ci.yml @@ -27,7 +27,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@cba0d00b1fc9a034e1e642ea0f1103c282990604 # v2.5.0 + uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 with: egress-policy: audit diff --git a/.github/workflows/copybara.ci.yml b/.github/workflows/copybara.ci.yml index 7238a0cfd9..3731482f93 100644 --- a/.github/workflows/copybara.ci.yml +++ b/.github/workflows/copybara.ci.yml @@ -20,7 +20,7 @@ jobs: (github.event_name == 'pull_request' && contains(github.event.pull_request.labels.*.name, 'migrate:protocol')) steps: - name: Harden Runner - uses: step-security/harden-runner@cba0d00b1fc9a034e1e642ea0f1103c282990604 # v2.5.0 + uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 with: egress-policy: audit @@ -53,7 +53,7 @@ jobs: steps: # Pull code. - name: Harden Runner - uses: step-security/harden-runner@cba0d00b1fc9a034e1e642ea0f1103c282990604 # v2.5.0 + uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 with: egress-policy: audit diff --git a/.github/workflows/deploy.ci.yml b/.github/workflows/deploy.ci.yml index 159bb997ec..b7a296c161 100644 --- a/.github/workflows/deploy.ci.yml +++ b/.github/workflows/deploy.ci.yml @@ -80,7 +80,7 @@ jobs: FLY_API_TOKEN: ${{ secrets.FLY_API_TOKEN }} steps: - name: Harden Runner - uses: step-security/harden-runner@cba0d00b1fc9a034e1e642ea0f1103c282990604 # v2.5.0 + uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 with: egress-policy: audit diff --git a/.github/workflows/gradle-wrapper-validation.yml b/.github/workflows/gradle-wrapper-validation.yml index 728d8ce166..a617c72f0a 100644 --- a/.github/workflows/gradle-wrapper-validation.yml +++ b/.github/workflows/gradle-wrapper-validation.yml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@cba0d00b1fc9a034e1e642ea0f1103c282990604 # v2.5.0 + uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 with: egress-policy: audit diff --git a/.github/workflows/labeler.ci.yml b/.github/workflows/labeler.ci.yml index 44a4a1602d..f9d86c5ac0 100644 --- a/.github/workflows/labeler.ci.yml +++ b/.github/workflows/labeler.ci.yml @@ -14,7 +14,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@cba0d00b1fc9a034e1e642ea0f1103c282990604 # v2.5.0 + uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 with: egress-policy: audit diff --git a/.github/workflows/model.ci.yml b/.github/workflows/model.ci.yml index a8879cf528..4702e4d776 100644 --- a/.github/workflows/model.ci.yml +++ b/.github/workflows/model.ci.yml @@ -25,7 +25,7 @@ jobs: contents: "read" steps: - name: Harden Runner - uses: step-security/harden-runner@cba0d00b1fc9a034e1e642ea0f1103c282990604 # v2.5.0 + uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 with: egress-policy: audit @@ -53,7 +53,7 @@ jobs: continue-on-error: ${{ contains(github.event.pull_request.labels.*.name, 'ci:buf-breaking-ignore') }} steps: - name: Harden Runner - uses: step-security/harden-runner@cba0d00b1fc9a034e1e642ea0f1103c282990604 # v2.5.0 + uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 with: egress-policy: audit @@ -89,7 +89,7 @@ jobs: contents: "read" steps: - name: Harden Runner - uses: step-security/harden-runner@cba0d00b1fc9a034e1e642ea0f1103c282990604 # v2.5.0 + uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 with: egress-policy: audit diff --git a/.github/workflows/publish.ci.yml b/.github/workflows/publish.ci.yml index be27e91e62..e5b08f5739 100644 --- a/.github/workflows/publish.ci.yml +++ b/.github/workflows/publish.ci.yml @@ -152,7 +152,7 @@ jobs: BUILDLESS_APIKEY: ${{ secrets.BUILDLESS_APIKEY }} steps: - name: Harden Runner - uses: step-security/harden-runner@cba0d00b1fc9a034e1e642ea0f1103c282990604 # v2.5.0 + uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 with: egress-policy: audit diff --git a/.github/workflows/qodana.ci.yml b/.github/workflows/qodana.ci.yml index b36a0cd565..c8f2224232 100644 --- a/.github/workflows/qodana.ci.yml +++ b/.github/workflows/qodana.ci.yml @@ -16,7 +16,7 @@ jobs: continue-on-error: true steps: - name: Harden Runner - uses: step-security/harden-runner@cba0d00b1fc9a034e1e642ea0f1103c282990604 # v2.5.0 + uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 with: egress-policy: audit diff --git a/.github/workflows/scheduled-checks.ci.yml b/.github/workflows/scheduled-checks.ci.yml index dfe9d6302f..ce63232d4c 100644 --- a/.github/workflows/scheduled-checks.ci.yml +++ b/.github/workflows/scheduled-checks.ci.yml @@ -35,7 +35,7 @@ jobs: pull-requests: "write" steps: - name: Harden Runner - uses: step-security/harden-runner@cba0d00b1fc9a034e1e642ea0f1103c282990604 # v2.5.0 + uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 with: egress-policy: audit @@ -62,7 +62,7 @@ jobs: pull-requests: "write" steps: - name: Harden Runner - uses: step-security/harden-runner@cba0d00b1fc9a034e1e642ea0f1103c282990604 # v2.5.0 + uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 with: egress-policy: audit @@ -136,7 +136,7 @@ jobs: shell: bash steps: - name: Harden Runner - uses: step-security/harden-runner@cba0d00b1fc9a034e1e642ea0f1103c282990604 # v2.5.0 + uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 with: egress-policy: audit diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index 0ffd7eae2a..4d02a27e64 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -31,7 +31,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@cba0d00b1fc9a034e1e642ea0f1103c282990604 # v2.5.0 + uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 with: egress-policy: audit diff --git a/.github/workflows/site.ci.yml b/.github/workflows/site.ci.yml index bdb8187f8b..9c192e5994 100644 --- a/.github/workflows/site.ci.yml +++ b/.github/workflows/site.ci.yml @@ -37,7 +37,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@cba0d00b1fc9a034e1e642ea0f1103c282990604 # v2.5.0 + uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 with: egress-policy: audit @@ -159,7 +159,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@cba0d00b1fc9a034e1e642ea0f1103c282990604 # v2.5.0 + uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 with: egress-policy: audit @@ -288,7 +288,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@cba0d00b1fc9a034e1e642ea0f1103c282990604 # v2.5.0 + uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 with: egress-policy: audit