From eb31736ec311275311c0f7a14eb65869e36e2e35 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 14 Aug 2023 01:38:22 -0400
Subject: [PATCH] Bump step-security/harden-runner from 2.5.0 to 2.5.1 (#4658)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Bumps
[step-security/harden-runner](https://github.com/step-security/harden-runner)
from 2.5.0 to 2.5.1.
Release notes
Sourced from step-security/harden-runner's
releases.
v2.5.1
What's Changed
Full Changelog: https://github.com/step-security/harden-runner/compare/v2...v2.5.1
Commits
8ca2b8b
Release v2.5.1 (#332)9768986
Merge pull request #327
from step-security/dependabot/github_actions/step-sec...4735c31
Bump step-security/harden-runner from 2.4.1 to 2.5.02bd96dc
Merge pull request #326
from step-security/varunsh-coder-patch-1781663b
Update README.md- See full diff in compare
view
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
Signed-off-by: dependabot[bot]
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
.github/workflows/ci-all-in-one-build.yml | 2 +-
.github/workflows/ci-build-binaries.yml | 2 +-
.github/workflows/ci-cassandra.yml | 2 +-
.github/workflows/ci-crossdock.yml | 2 +-
.github/workflows/ci-docker-build.yml | 2 +-
.github/workflows/ci-elasticsearch.yml | 2 +-
.github/workflows/ci-grpc-badger.yml | 2 +-
.github/workflows/ci-hotrod.yml | 2 +-
.github/workflows/ci-kafka.yml | 2 +-
.github/workflows/ci-opensearch.yml | 2 +-
.github/workflows/ci-protogen-tests.yml | 2 +-
.github/workflows/ci-release.yml | 2 +-
.github/workflows/ci-unit-tests-go-tip.yml | 2 +-
.github/workflows/ci-unit-tests.yml | 2 +-
.github/workflows/codeql.yml | 2 +-
.github/workflows/fossa.yml | 2 +-
16 files changed, 16 insertions(+), 16 deletions(-)
diff --git a/.github/workflows/ci-all-in-one-build.yml b/.github/workflows/ci-all-in-one-build.yml
index 619e1ac03f0..f38e63ce244 100644
--- a/.github/workflows/ci-all-in-one-build.yml
+++ b/.github/workflows/ci-all-in-one-build.yml
@@ -16,7 +16,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Harden Runner
- uses: step-security/harden-runner@cba0d00b1fc9a034e1e642ea0f1103c282990604
+ uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
diff --git a/.github/workflows/ci-build-binaries.yml b/.github/workflows/ci-build-binaries.yml
index 2d1e3e27774..46ccc114d94 100644
--- a/.github/workflows/ci-build-binaries.yml
+++ b/.github/workflows/ci-build-binaries.yml
@@ -34,7 +34,7 @@ jobs:
name: build binaries for ${{ matrix.platform.name }}
steps:
- name: Harden Runner
- uses: step-security/harden-runner@cba0d00b1fc9a034e1e642ea0f1103c282990604
+ uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
diff --git a/.github/workflows/ci-cassandra.yml b/.github/workflows/ci-cassandra.yml
index 04c437e4e00..b20e82bc627 100644
--- a/.github/workflows/ci-cassandra.yml
+++ b/.github/workflows/ci-cassandra.yml
@@ -28,7 +28,7 @@ jobs:
name: ${{ matrix.version.distribution }} ${{ matrix.version.major }}
steps:
- name: Harden Runner
- uses: step-security/harden-runner@cba0d00b1fc9a034e1e642ea0f1103c282990604
+ uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
diff --git a/.github/workflows/ci-crossdock.yml b/.github/workflows/ci-crossdock.yml
index fec1913fe79..54cd4635c63 100644
--- a/.github/workflows/ci-crossdock.yml
+++ b/.github/workflows/ci-crossdock.yml
@@ -17,7 +17,7 @@ jobs:
steps:
- name: Harden Runner
- uses: step-security/harden-runner@cba0d00b1fc9a034e1e642ea0f1103c282990604
+ uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
diff --git a/.github/workflows/ci-docker-build.yml b/.github/workflows/ci-docker-build.yml
index e46f9883b5c..66ad24815b7 100644
--- a/.github/workflows/ci-docker-build.yml
+++ b/.github/workflows/ci-docker-build.yml
@@ -17,7 +17,7 @@ jobs:
steps:
- name: Harden Runner
- uses: step-security/harden-runner@cba0d00b1fc9a034e1e642ea0f1103c282990604
+ uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
diff --git a/.github/workflows/ci-elasticsearch.yml b/.github/workflows/ci-elasticsearch.yml
index 3ce006607f2..eb8d0c72aab 100644
--- a/.github/workflows/ci-elasticsearch.yml
+++ b/.github/workflows/ci-elasticsearch.yml
@@ -29,7 +29,7 @@ jobs:
name: ${{ matrix.version.distribution }} ${{ matrix.version.major }}
steps:
- name: Harden Runner
- uses: step-security/harden-runner@cba0d00b1fc9a034e1e642ea0f1103c282990604
+ uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
diff --git a/.github/workflows/ci-grpc-badger.yml b/.github/workflows/ci-grpc-badger.yml
index 2a83b44ff2f..daf3d604880 100644
--- a/.github/workflows/ci-grpc-badger.yml
+++ b/.github/workflows/ci-grpc-badger.yml
@@ -16,7 +16,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Harden Runner
- uses: step-security/harden-runner@cba0d00b1fc9a034e1e642ea0f1103c282990604
+ uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
diff --git a/.github/workflows/ci-hotrod.yml b/.github/workflows/ci-hotrod.yml
index 59aec99f660..88d295cda82 100644
--- a/.github/workflows/ci-hotrod.yml
+++ b/.github/workflows/ci-hotrod.yml
@@ -16,7 +16,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Harden Runner
- uses: step-security/harden-runner@cba0d00b1fc9a034e1e642ea0f1103c282990604
+ uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
diff --git a/.github/workflows/ci-kafka.yml b/.github/workflows/ci-kafka.yml
index 7cf8af6ca59..766e1c6cb55 100644
--- a/.github/workflows/ci-kafka.yml
+++ b/.github/workflows/ci-kafka.yml
@@ -16,7 +16,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Harden Runner
- uses: step-security/harden-runner@cba0d00b1fc9a034e1e642ea0f1103c282990604
+ uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
diff --git a/.github/workflows/ci-opensearch.yml b/.github/workflows/ci-opensearch.yml
index 23a063fcf14..6e40cca6f83 100644
--- a/.github/workflows/ci-opensearch.yml
+++ b/.github/workflows/ci-opensearch.yml
@@ -26,7 +26,7 @@ jobs:
name: ${{ matrix.version.distribution }} ${{ matrix.version.major }}
steps:
- name: Harden Runner
- uses: step-security/harden-runner@cba0d00b1fc9a034e1e642ea0f1103c282990604
+ uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
diff --git a/.github/workflows/ci-protogen-tests.yml b/.github/workflows/ci-protogen-tests.yml
index 7e1300620ff..62f244e6937 100644
--- a/.github/workflows/ci-protogen-tests.yml
+++ b/.github/workflows/ci-protogen-tests.yml
@@ -16,7 +16,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Harden Runner
- uses: step-security/harden-runner@cba0d00b1fc9a034e1e642ea0f1103c282990604
+ uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
diff --git a/.github/workflows/ci-release.yml b/.github/workflows/ci-release.yml
index 5fe54e5274d..fcf1994c2df 100644
--- a/.github/workflows/ci-release.yml
+++ b/.github/workflows/ci-release.yml
@@ -17,7 +17,7 @@ jobs:
steps:
- name: Harden Runner
- uses: step-security/harden-runner@cba0d00b1fc9a034e1e642ea0f1103c282990604
+ uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
diff --git a/.github/workflows/ci-unit-tests-go-tip.yml b/.github/workflows/ci-unit-tests-go-tip.yml
index 260f3d4ebeb..2fc1da875c3 100644
--- a/.github/workflows/ci-unit-tests-go-tip.yml
+++ b/.github/workflows/ci-unit-tests-go-tip.yml
@@ -13,7 +13,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Harden Runner
- uses: step-security/harden-runner@cba0d00b1fc9a034e1e642ea0f1103c282990604
+ uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
diff --git a/.github/workflows/ci-unit-tests.yml b/.github/workflows/ci-unit-tests.yml
index 6395a096847..6cf0b459465 100644
--- a/.github/workflows/ci-unit-tests.yml
+++ b/.github/workflows/ci-unit-tests.yml
@@ -22,7 +22,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Harden Runner
- uses: step-security/harden-runner@cba0d00b1fc9a034e1e642ea0f1103c282990604
+ uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index edfa854a7f8..a03391043f7 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -31,7 +31,7 @@ jobs:
steps:
- name: Harden Runner
- uses: step-security/harden-runner@cba0d00b1fc9a034e1e642ea0f1103c282990604
+ uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
diff --git a/.github/workflows/fossa.yml b/.github/workflows/fossa.yml
index 752211207dd..1e900c5bb89 100644
--- a/.github/workflows/fossa.yml
+++ b/.github/workflows/fossa.yml
@@ -17,7 +17,7 @@ jobs:
steps:
- name: Harden Runner
- uses: step-security/harden-runner@cba0d00b1fc9a034e1e642ea0f1103c282990604
+ uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs