diff --git a/.github/workflows/auto-approve.yml b/.github/workflows/auto-approve.yml index fbd886f9..6984a6a8 100644 --- a/.github/workflows/auto-approve.yml +++ b/.github/workflows/auto-approve.yml @@ -16,7 +16,7 @@ jobs: # More info: https://github.com/step-security/harden-runner. - name: Harden Runner id: harden_runner - uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 + uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 with: egress-policy: audit diff --git a/.github/workflows/autoupdate.yml b/.github/workflows/autoupdate.yml index 2b4485cb..e67cfde5 100644 --- a/.github/workflows/autoupdate.yml +++ b/.github/workflows/autoupdate.yml @@ -13,7 +13,7 @@ jobs: # More info: https://github.com/step-security/harden-runner. - name: Harden Runner id: harden_runner - uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 + uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 with: disable-sudo: true egress-policy: block diff --git a/.github/workflows/create-labels.yml b/.github/workflows/create-labels.yml index 05ee1a6a..aabbfc9c 100644 --- a/.github/workflows/create-labels.yml +++ b/.github/workflows/create-labels.yml @@ -13,7 +13,7 @@ jobs: # More info: https://github.com/step-security/harden-runner. - name: Harden Runner id: harden_runner - uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 + uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 with: disable-sudo: true egress-policy: block diff --git a/.github/workflows/fosstars-report.yml b/.github/workflows/fosstars-report.yml index 55a23f94..29bd9d06 100644 --- a/.github/workflows/fosstars-report.yml +++ b/.github/workflows/fosstars-report.yml @@ -19,7 +19,7 @@ jobs: # More info: https://github.com/step-security/harden-runner. - name: Harden Runner id: harden_runner - uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 + uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 with: disable-sudo: true egress-policy: block diff --git a/.github/workflows/gh-pages.yml b/.github/workflows/gh-pages.yml index 3fc8030f..d7455cdc 100644 --- a/.github/workflows/gh-pages.yml +++ b/.github/workflows/gh-pages.yml @@ -28,7 +28,7 @@ jobs: # More info: https://github.com/step-security/harden-runner. - name: Harden Runner id: harden_runner - uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 + uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 with: egress-policy: audit @@ -63,7 +63,7 @@ jobs: # More info: https://github.com/step-security/harden-runner. - name: Harden Runner id: harden_runner - uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 + uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 with: egress-policy: audit diff --git a/.github/workflows/pnpm-publish.yml b/.github/workflows/pnpm-publish.yml index 84f01952..d3ca150f 100644 --- a/.github/workflows/pnpm-publish.yml +++ b/.github/workflows/pnpm-publish.yml @@ -14,7 +14,7 @@ jobs: # More info: https://github.com/step-security/harden-runner. - name: Harden Runner id: harden_runner - uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 + uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 with: egress-policy: audit diff --git a/.github/workflows/pullrequest-linter.yml b/.github/workflows/pullrequest-linter.yml index df63fd7e..ff8c88e6 100644 --- a/.github/workflows/pullrequest-linter.yml +++ b/.github/workflows/pullrequest-linter.yml @@ -16,7 +16,7 @@ jobs: # More info: https://github.com/step-security/harden-runner. - name: Harden Runner id: harden_runner - uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 + uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 with: egress-policy: audit diff --git a/.github/workflows/pullrequest.yml b/.github/workflows/pullrequest.yml index 8b1ca069..4b06c58d 100644 --- a/.github/workflows/pullrequest.yml +++ b/.github/workflows/pullrequest.yml @@ -16,7 +16,7 @@ jobs: # More info: https://github.com/step-security/harden-runner. - name: Harden Runner id: harden_runner - uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 + uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 with: disable-sudo: true egress-policy: block @@ -50,7 +50,7 @@ jobs: # More info: https://github.com/step-security/harden-runner. - name: Harden Runner id: harden_runner - uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 + uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 with: egress-policy: audit @@ -88,7 +88,7 @@ jobs: # More info: https://github.com/step-security/harden-runner. - name: Harden Runner id: harden_runner - uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 + uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 with: egress-policy: audit diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index 533a400d..5fe2a906 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -12,7 +12,7 @@ jobs: # More info: https://github.com/step-security/harden-runner. - name: Harden Runner id: harden_runner - uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 + uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 with: disable-sudo: true egress-policy: block @@ -48,7 +48,7 @@ jobs: # More info: https://github.com/step-security/harden-runner. - name: Harden Runner id: harden_runner - uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 + uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 with: egress-policy: audit diff --git a/.github/workflows/rebase-issue.yml b/.github/workflows/rebase-issue.yml index 68d2b076..4d159dcb 100644 --- a/.github/workflows/rebase-issue.yml +++ b/.github/workflows/rebase-issue.yml @@ -16,7 +16,7 @@ jobs: # More info: https://github.com/step-security/harden-runner. - name: Harden Runner id: harden_runner - uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 + uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 with: egress-policy: audit diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index e9079bfb..693bb324 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -18,7 +18,7 @@ jobs: # More info: https://github.com/step-security/harden-runner. - name: Harden Runner id: harden_runner - uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 + uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 with: egress-policy: audit diff --git a/.github/workflows/wiki.yml b/.github/workflows/wiki.yml index 11772fe7..b3d07129 100644 --- a/.github/workflows/wiki.yml +++ b/.github/workflows/wiki.yml @@ -32,7 +32,7 @@ jobs: # More info: https://github.com/step-security/harden-runner. - name: Harden Runner id: harden_runner - uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 + uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 with: egress-policy: audit