Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Bump step-security/harden-runner from 2.3.0 to 2.3.1 (#4397)
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.3.0 to 2.3.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's releases</a>.</em></p> <blockquote> <h2>v2.3.1</h2> <h2>What's Changed</h2> <ul> <li>Release v2.3.1 by <a href="https://github.com/arjundashrath"><code>@arjundashrath</code></a> and <a href="https://github.com/varunsh-coder"><code>@varunsh-coder</code></a> in <a href="https://redirect.github.com/step-security/harden-runner/pull/281">step-security/harden-runner#281</a> Fixes <a href="https://redirect.github.com/step-security/harden-runner/issues/279">#279</a> and <a href="https://redirect.github.com/step-security/harden-runner/issues/275">#275</a></li> <li>Update README.md by <a href="https://github.com/varunsh-coder"><code>@varunsh-coder</code></a> in <a href="https://redirect.github.com/step-security/harden-runner/pull/267">step-security/harden-runner#267</a></li> <li>Bump step-security/harden-runner from 2.2.1 to 2.3.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/step-security/harden-runner/pull/268">step-security/harden-runner#268</a></li> <li>Bump codecov/codecov-action from 3.1.1 to 3.1.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/step-security/harden-runner/pull/273">step-security/harden-runner#273</a></li> <li>Bump ossf/scorecard-action from 2.1.2 to 2.1.3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/step-security/harden-runner/pull/265">step-security/harden-runner#265</a></li> <li>Bump actions/checkout from 3.3.0 to 3.5.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/step-security/harden-runner/pull/261">step-security/harden-runner#261</a></li> <li>Bump github/codeql-action from 2.2.6 to 2.2.11 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/step-security/harden-runner/pull/270">step-security/harden-runner#270</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/step-security/harden-runner/compare/v2...v2.3.1">https://github.com/step-security/harden-runner/compare/v2...v2.3.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/step-security/harden-runner/commit/6b3083af2869dc3314a0257a42f4af696cc79ba3"><code>6b3083a</code></a> Release v2.3.1 (<a href="https://redirect.github.com/step-security/harden-runner/issues/281">#281</a>)</li> <li><a href="https://github.com/step-security/harden-runner/commit/910b3276b25495e4cfd8669cf5d7ea16508b0241"><code>910b327</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/270">#270</a> from step-security/dependabot/github_actions/github/c...</li> <li><a href="https://github.com/step-security/harden-runner/commit/5f67082df61a60c410ba32ecfd53e2f9b193197f"><code>5f67082</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/261">#261</a> from step-security/dependabot/github_actions/actions/...</li> <li><a href="https://github.com/step-security/harden-runner/commit/b3e3003dba685f2c0b910898f7044195a4ee8fe4"><code>b3e3003</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/265">#265</a> from step-security/dependabot/github_actions/ossf/sco...</li> <li><a href="https://github.com/step-security/harden-runner/commit/5aebf4789eefd1e327b80f94788a2761e3ad95cc"><code>5aebf47</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/273">#273</a> from step-security/dependabot/github_actions/codecov/...</li> <li><a href="https://github.com/step-security/harden-runner/commit/d81767b1cca8e83d2a908023a0de85454965ac3f"><code>d81767b</code></a> Bump codecov/codecov-action from 3.1.1 to 3.1.2</li> <li><a href="https://github.com/step-security/harden-runner/commit/61a6a28e1e1856256fd4012e85f492a1d99e96cb"><code>61a6a28</code></a> Bump github/codeql-action from 2.2.6 to 2.2.11</li> <li><a href="https://github.com/step-security/harden-runner/commit/f8b229487278099721572481264761b1d4fdd530"><code>f8b2294</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/268">#268</a> from step-security/dependabot/github_actions/step-sec...</li> <li><a href="https://github.com/step-security/harden-runner/commit/3693a6b26dc0c391969fed5566be02ad12c52598"><code>3693a6b</code></a> Bump step-security/harden-runner from 2.2.1 to 2.3.0</li> <li><a href="https://github.com/step-security/harden-runner/commit/49e89a7fe28c5e83477f970e12b1e28ea886ec32"><code>49e89a7</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/267">#267</a> from step-security/varunsh-coder-patch-1</li> <li>Additional commits viewable in <a href="https://github.com/step-security/harden-runner/compare/03bee3930647ebbf994244c21ddbc0d4933aab4f...6b3083af2869dc3314a0257a42f4af696cc79ba3">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
- Loading branch information
1 parent
82121e9
commit 6119406