diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 1bbfffec..be7343ee 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -18,7 +18,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@34cbc43f0b10c9dda284e663cf43c2ebaf83e956 # v1 + uses: step-security/harden-runner@248ae51c2e8cc9622ecf50685c8bf7150c6e8813 # v1 with: egress-policy: block disable-telemetry: true @@ -50,7 +50,7 @@ jobs: runs-on: ${{ matrix.platform }} steps: - name: Harden Runner - uses: step-security/harden-runner@34cbc43f0b10c9dda284e663cf43c2ebaf83e956 # v1 + uses: step-security/harden-runner@248ae51c2e8cc9622ecf50685c8bf7150c6e8813 # v1 with: egress-policy: audit disable-telemetry: false diff --git a/.github/workflows/cflite.yml b/.github/workflows/cflite.yml index 8764a930..945034b6 100644 --- a/.github/workflows/cflite.yml +++ b/.github/workflows/cflite.yml @@ -18,7 +18,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@34cbc43f0b10c9dda284e663cf43c2ebaf83e956 # v1 + uses: step-security/harden-runner@248ae51c2e8cc9622ecf50685c8bf7150c6e8813 # v1 with: egress-policy: audit disable-telemetry: true diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 22f8a25b..bc75af6a 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -40,7 +40,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@34cbc43f0b10c9dda284e663cf43c2ebaf83e956 # v1 + uses: step-security/harden-runner@248ae51c2e8cc9622ecf50685c8bf7150c6e8813 # v1 with: egress-policy: block disable-telemetry: true diff --git a/.github/workflows/codespell.yml b/.github/workflows/codespell.yml index 73a93263..a1857c7b 100644 --- a/.github/workflows/codespell.yml +++ b/.github/workflows/codespell.yml @@ -26,7 +26,7 @@ jobs: steps: # Checkout the code base # - name: Harden Runner - uses: step-security/harden-runner@34cbc43f0b10c9dda284e663cf43c2ebaf83e956 # v1 + uses: step-security/harden-runner@248ae51c2e8cc9622ecf50685c8bf7150c6e8813 # v1 with: egress-policy: block disable-telemetry: true diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index cad1beef..b4846b6a 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -11,7 +11,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@34cbc43f0b10c9dda284e663cf43c2ebaf83e956 + uses: step-security/harden-runner@248ae51c2e8cc9622ecf50685c8bf7150c6e8813 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs diff --git a/.github/workflows/gitlabsync.yml b/.github/workflows/gitlabsync.yml index 8047e06e..83fc0b6b 100644 --- a/.github/workflows/gitlabsync.yml +++ b/.github/workflows/gitlabsync.yml @@ -16,7 +16,7 @@ jobs: name: Git Repo Sync steps: - name: Harden Runner - uses: step-security/harden-runner@34cbc43f0b10c9dda284e663cf43c2ebaf83e956 # v1 + uses: step-security/harden-runner@248ae51c2e8cc9622ecf50685c8bf7150c6e8813 # v1 with: egress-policy: block disable-telemetry: true diff --git a/.github/workflows/linter.yml b/.github/workflows/linter.yml index be1cc7aa..cddc9514 100644 --- a/.github/workflows/linter.yml +++ b/.github/workflows/linter.yml @@ -28,7 +28,7 @@ jobs: steps: # Checkout the code base # - name: Harden Runner - uses: step-security/harden-runner@34cbc43f0b10c9dda284e663cf43c2ebaf83e956 # v1 + uses: step-security/harden-runner@248ae51c2e8cc9622ecf50685c8bf7150c6e8813 # v1 with: egress-policy: block disable-telemetry: true diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index b5af45e9..7d5baadd 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -23,7 +23,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@34cbc43f0b10c9dda284e663cf43c2ebaf83e956 # v1 + uses: step-security/harden-runner@248ae51c2e8cc9622ecf50685c8bf7150c6e8813 # v1 with: egress-policy: block disable-telemetry: true diff --git a/.github/workflows/scan.yml b/.github/workflows/scan.yml index 982f6faa..ba8c9c3a 100644 --- a/.github/workflows/scan.yml +++ b/.github/workflows/scan.yml @@ -26,7 +26,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@34cbc43f0b10c9dda284e663cf43c2ebaf83e956 # v1 + uses: step-security/harden-runner@248ae51c2e8cc9622ecf50685c8bf7150c6e8813 # v1 with: egress-policy: block disable-telemetry: true @@ -62,7 +62,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@34cbc43f0b10c9dda284e663cf43c2ebaf83e956 # v1 + uses: step-security/harden-runner@248ae51c2e8cc9622ecf50685c8bf7150c6e8813 # v1 with: egress-policy: block disable-telemetry: true diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index c29b5db0..56a02aa4 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -24,7 +24,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@34cbc43f0b10c9dda284e663cf43c2ebaf83e956 # v1 + uses: step-security/harden-runner@248ae51c2e8cc9622ecf50685c8bf7150c6e8813 # v1 with: egress-policy: block disable-telemetry: true diff --git a/.github/workflows/semgrep.yml b/.github/workflows/semgrep.yml index 52cd78db..545d79a0 100644 --- a/.github/workflows/semgrep.yml +++ b/.github/workflows/semgrep.yml @@ -15,7 +15,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@34cbc43f0b10c9dda284e663cf43c2ebaf83e956 # v1 + uses: step-security/harden-runner@248ae51c2e8cc9622ecf50685c8bf7150c6e8813 # v1 with: egress-policy: block disable-telemetry: true diff --git a/.github/workflows/snyk.yml b/.github/workflows/snyk.yml index 540ff3a2..63829fde 100644 --- a/.github/workflows/snyk.yml +++ b/.github/workflows/snyk.yml @@ -19,7 +19,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@34cbc43f0b10c9dda284e663cf43c2ebaf83e956 # v1 + uses: step-security/harden-runner@248ae51c2e8cc9622ecf50685c8bf7150c6e8813 # v1 with: egress-policy: block disable-telemetry: true