Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit6b141d7

Browse files
ci: bump the github-actions group with 6 updates (#18938)
Bumps the github-actions group with 6 updates:| Package | From | To || --- | --- | --- ||[step-security/harden-runner](https://github.com/step-security/harden-runner)| `2.12.2` | `2.13.0` ||[google-github-actions/auth](https://github.com/google-github-actions/auth)| `2.1.10` | `2.1.11` ||[google-github-actions/setup-gcloud](https://github.com/google-github-actions/setup-gcloud)| `2.1.4` | `2.1.5` ||[google-github-actions/get-gke-credentials](https://github.com/google-github-actions/get-gke-credentials)| `2.3.3` | `2.3.4` || [github/codeql-action](https://github.com/github/codeql-action) |`3.29.2` | `3.29.3` ||[umbrelladocs/action-linkspector](https://github.com/umbrelladocs/action-linkspector)| `1.3.6` | `1.3.7` |Updates `step-security/harden-runner` from 2.12.2 to 2.13.0<details><summary>Release notes</summary><p><em>Sourced from <ahref="https://github.com/step-security/harden-runner/releases">step-security/harden-runner'sreleases</a>.</em></p><blockquote><h2>v2.13.0</h2><h2>What's Changed</h2><ul><li>Improved job markdown summary</li><li>Https monitoring for all domains (included with the enterprisetier)</li></ul><p><strong>Full Changelog</strong>: <ahref="https://github.com/step-security/harden-runner/compare/v2...v2.13.0">https://github.com/step-security/harden-runner/compare/v2...v2.13.0</a></p></blockquote></details><details><summary>Commits</summary><ul><li><ahref="https://github.com/step-security/harden-runner/commit/ec9f2d5744a09debf3a187a3f4f675c53b671911"><code>ec9f2d5</code></a>Merge pull request <ahref="https://redirect.github.com/step-security/harden-runner/issues/565">#565</a>from step-security/rc-24</li><li><ahref="https://github.com/step-security/harden-runner/commit/04bcbc31cfcefe0cf4720832008735021cec5ec4"><code>04bcbc3</code></a>update agent</li><li><ahref="https://github.com/step-security/harden-runner/commit/7c7a56fcaa124ab72fff1cc3e81257f264fd7317"><code>7c7a56f</code></a>feat: get job summary from API</li><li>See full diff in <ahref="https://github.com/step-security/harden-runner/compare/6c439dc8bdf85cadbbce9ed30d1c7b959517bc49...ec9f2d5744a09debf3a187a3f4f675c53b671911">compareview</a></li></ul></details><br />Updates `google-github-actions/auth` from 2.1.10 to 2.1.11<details><summary>Release notes</summary><p><em>Sourced from <ahref="https://github.com/google-github-actions/auth/releases">google-github-actions/auth'sreleases</a>.</em></p><blockquote><h2>v2.1.11</h2><h2>What's Changed</h2><ul><li>Update troubleshooting docs for Python by <ahref="https://github.com/sethvargo"><code>@​sethvargo</code></a> in <ahref="https://redirect.github.com/google-github-actions/auth/pull/488">google-github-actions/auth#488</a></li><li>Add linters by <ahref="https://github.com/sethvargo"><code>@​sethvargo</code></a> in <ahref="https://redirect.github.com/google-github-actions/auth/pull/499">google-github-actions/auth#499</a></li><li>Update deps by <ahref="https://github.com/sethvargo"><code>@​sethvargo</code></a> in <ahref="https://redirect.github.com/google-github-actions/auth/pull/500">google-github-actions/auth#500</a></li><li>Release: v2.1.11 by <ahref="https://github.com/google-github-actions-bot"><code>@​google-github-actions-bot</code></a>in <ahref="https://redirect.github.com/google-github-actions/auth/pull/501">google-github-actions/auth#501</a></li></ul><p><strong>Full Changelog</strong>: <ahref="https://github.com/google-github-actions/auth/compare/v2.1.10...v2.1.11">https://github.com/google-github-actions/auth/compare/v2.1.10...v2.1.11</a></p></blockquote></details><details><summary>Commits</summary><ul><li><ahref="https://github.com/google-github-actions/auth/commit/140bb5113ffb6b65a7e9b937a81fa96cf5064462"><code>140bb51</code></a>Release: v2.1.11 (<ahref="https://redirect.github.com/google-github-actions/auth/issues/501">#501</a>)</li><li><ahref="https://github.com/google-github-actions/auth/commit/ab3132e2ad698521ee1355566103fa838732e48c"><code>ab3132e</code></a>Update deps (<ahref="https://redirect.github.com/google-github-actions/auth/issues/500">#500</a>)</li><li><ahref="https://github.com/google-github-actions/auth/commit/25b96bac992fdf64486c6fd3fd3d9c4cddb3a812"><code>25b96ba</code></a>Add linters (<ahref="https://redirect.github.com/google-github-actions/auth/issues/499">#499</a>)</li><li><ahref="https://github.com/google-github-actions/auth/commit/0920706a19e9d22c3d0da43d1db5939c6ad837a8"><code>0920706</code></a>Update troubleshooting docs for Python (<ahref="https://redirect.github.com/google-github-actions/auth/issues/488">#488</a>)</li><li>See full diff in <ahref="https://github.com/google-github-actions/auth/compare/ba79af03959ebeac9769e648f473a284504d9193...140bb5113ffb6b65a7e9b937a81fa96cf5064462">compareview</a></li></ul></details><br />Updates `google-github-actions/setup-gcloud` from 2.1.4 to 2.1.5<details><summary>Release notes</summary><p><em>Sourced from <ahref="https://github.com/google-github-actions/setup-gcloud/releases">google-github-actions/setup-gcloud'sreleases</a>.</em></p><blockquote><h2>v2.1.5</h2><h2>What's Changed</h2><ul><li>security: bump undici from 5.28.5 to 5.29.0 in the npm_and_yarngroup by <ahref="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]in <ahref="https://redirect.github.com/google-github-actions/setup-gcloud/pull/711">google-github-actions/setup-gcloud#711</a></li><li>Update linters by <ahref="https://github.com/sethvargo"><code>@​sethvargo</code></a> in <ahref="https://redirect.github.com/google-github-actions/setup-gcloud/pull/715">google-github-actions/setup-gcloud#715</a></li><li>Update deps by <ahref="https://github.com/sethvargo"><code>@​sethvargo</code></a> in <ahref="https://redirect.github.com/google-github-actions/setup-gcloud/pull/716">google-github-actions/setup-gcloud#716</a></li><li>Release: v2.1.5 by <ahref="https://github.com/google-github-actions-bot"><code>@​google-github-actions-bot</code></a>in <ahref="https://redirect.github.com/google-github-actions/setup-gcloud/pull/717">google-github-actions/setup-gcloud#717</a></li></ul><p><strong>Full Changelog</strong>: <ahref="https://github.com/google-github-actions/setup-gcloud/compare/v2.1.4...v2.1.5">https://github.com/google-github-actions/setup-gcloud/compare/v2.1.4...v2.1.5</a></p></blockquote></details><details><summary>Commits</summary><ul><li><ahref="https://github.com/google-github-actions/setup-gcloud/commit/6a7c903a70c8625ed6700fa299f5ddb4ca6022e9"><code>6a7c903</code></a>Release: v2.1.5 (<ahref="https://redirect.github.com/google-github-actions/setup-gcloud/issues/717">#717</a>)</li><li><ahref="https://github.com/google-github-actions/setup-gcloud/commit/e838bc6edfe3907980c74d5aad506fd6e173b0d6"><code>e838bc6</code></a>Update deps (<ahref="https://redirect.github.com/google-github-actions/setup-gcloud/issues/716">#716</a>)</li><li><ahref="https://github.com/google-github-actions/setup-gcloud/commit/98d8f78fcc2354c736499a506ad9e7be3f4c2640"><code>98d8f78</code></a>Update linters (<ahref="https://redirect.github.com/google-github-actions/setup-gcloud/issues/715">#715</a>)</li><li><ahref="https://github.com/google-github-actions/setup-gcloud/commit/a8b58010a5b2a061afd605f50e88629c9ec7536b"><code>a8b5801</code></a>security: bump undici from 5.28.5 to 5.29.0 in the npm_and_yarn group(<ahref="https://redirect.github.com/google-github-actions/setup-gcloud/issues/711">#711</a>)</li><li>See full diff in <ahref="https://github.com/google-github-actions/setup-gcloud/compare/77e7a554d41e2ee56fc945c52dfd3f33d12def9a...6a7c903a70c8625ed6700fa299f5ddb4ca6022e9">compareview</a></li></ul></details><br />Updates `google-github-actions/get-gke-credentials` from 2.3.3 to 2.3.4<details><summary>Release notes</summary><p><em>Sourced from <ahref="https://github.com/google-github-actions/get-gke-credentials/releases">google-github-actions/get-gke-credentials'sreleases</a>.</em></p><blockquote><h2>v2.3.4</h2><h2>What's Changed</h2><ul><li>security: bump undici from 5.28.5 to 5.29.0 in the npm_and_yarngroup by <ahref="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]in <ahref="https://redirect.github.com/google-github-actions/get-gke-credentials/pull/333">google-github-actions/get-gke-credentials#333</a></li><li>Update linters by <ahref="https://github.com/sethvargo"><code>@​sethvargo</code></a> in <ahref="https://redirect.github.com/google-github-actions/get-gke-credentials/pull/334">google-github-actions/get-gke-credentials#334</a></li><li>Update deps by <ahref="https://github.com/sethvargo"><code>@​sethvargo</code></a> in <ahref="https://redirect.github.com/google-github-actions/get-gke-credentials/pull/335">google-github-actions/get-gke-credentials#335</a></li><li>Release: v2.3.4 by <ahref="https://github.com/google-github-actions-bot"><code>@​google-github-actions-bot</code></a>in <ahref="https://redirect.github.com/google-github-actions/get-gke-credentials/pull/336">google-github-actions/get-gke-credentials#336</a></li></ul><p><strong>Full Changelog</strong>: <ahref="https://github.com/google-github-actions/get-gke-credentials/compare/v2.3.3...v2.3.4">https://github.com/google-github-actions/get-gke-credentials/compare/v2.3.3...v2.3.4</a></p></blockquote></details><details><summary>Commits</summary><ul><li><ahref="https://github.com/google-github-actions/get-gke-credentials/commit/8e574c49425fa7efed1e74650a449bfa6a23308a"><code>8e574c4</code></a>Release: v2.3.4 (<ahref="https://redirect.github.com/google-github-actions/get-gke-credentials/issues/336">#336</a>)</li><li><ahref="https://github.com/google-github-actions/get-gke-credentials/commit/820551c1d9b3734a98590d5020e3a479a3600019"><code>820551c</code></a>Update deps (<ahref="https://redirect.github.com/google-github-actions/get-gke-credentials/issues/335">#335</a>)</li><li><ahref="https://github.com/google-github-actions/get-gke-credentials/commit/503071673e50fd4fe5973d69174dc780288d61e9"><code>5030716</code></a>Update linters (<ahref="https://redirect.github.com/google-github-actions/get-gke-credentials/issues/334">#334</a>)</li><li><ahref="https://github.com/google-github-actions/get-gke-credentials/commit/36f99de330d5a168c801b87721b96719a0a9ada0"><code>36f99de</code></a>security: bump undici from 5.28.5 to 5.29.0 in the npm_and_yarn group(<ahref="https://redirect.github.com/google-github-actions/get-gke-credentials/issues/333">#333</a>)</li><li>See full diff in <ahref="https://github.com/google-github-actions/get-gke-credentials/compare/d0cee45012069b163a631894b98904a9e6723729...8e574c49425fa7efed1e74650a449bfa6a23308a">compareview</a></li></ul></details><br />Updates `github/codeql-action` from 3.29.2 to 3.29.3<details><summary>Release notes</summary><p><em>Sourced from <ahref="https://github.com/github/codeql-action/releases">github/codeql-action'sreleases</a>.</em></p><blockquote><h2>v3.29.3</h2><h1>CodeQL Action Changelog</h1><p>See the <ahref="https://github.com/github/codeql-action/releases">releasespage</a> for the relevant changes to the CodeQL CLI and languagepacks.</p><h2>3.29.3 - 21 Jul 2025</h2><p>No user facing changes.</p><p>See the full <ahref="https://github.com/github/codeql-action/blob/v3.29.3/CHANGELOG.md">CHANGELOG.md</a>for more information.</p></blockquote></details><details><summary>Changelog</summary><p><em>Sourced from <ahref="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action'schangelog</a>.</em></p><blockquote><h1>CodeQL Action Changelog</h1><p>See the <ahref="https://github.com/github/codeql-action/releases">releasespage</a> for the relevant changes to the CodeQL CLI and languagepacks.</p><h2>[UNRELEASED]</h2><p>No user facing changes.</p><h2>3.29.3 - 21 Jul 2025</h2><p>No user facing changes.</p><h2>3.29.2 - 30 Jun 2025</h2><ul><li>Experimental: When the <code>quality-queries</code> input for the<code>init</code> action is provided with an argument, separate<code>.quality.sarif</code> files are produced and uploaded for eachlanguage with the results of the specified queries. Do not use this inproduction as it is part of an internal experiment and subject to changeat any time. <ahref="https://redirect.github.com/github/codeql-action/pull/2935">#2935</a></li></ul><h2>3.29.1 - 27 Jun 2025</h2><ul><li>Fix bug in PR analysis where user-provided <code>include</code>query filter fails to exclude non-included queries. <ahref="https://redirect.github.com/github/codeql-action/pull/2938">#2938</a></li><li>Update default CodeQL bundle version to 2.22.1. <ahref="https://redirect.github.com/github/codeql-action/pull/2950">#2950</a></li></ul><h2>3.29.0 - 11 Jun 2025</h2><ul><li>Update default CodeQL bundle version to 2.22.0. <ahref="https://redirect.github.com/github/codeql-action/pull/2925">#2925</a></li><li>Bump minimum CodeQL bundle version to 2.16.6. <ahref="https://redirect.github.com/github/codeql-action/pull/2912">#2912</a></li></ul><h2>3.28.20 - 21 July 2025</h2><ul><li>Remove support for combining SARIF files from a single upload forGHES 3.18, see <ahref="https://github.blog/changelog/2024-05-06-code-scanning-will-stop-combining-runs-from-a-single-upload/">thechangelog post</a>. <ahref="https://redirect.github.com/github/codeql-action/pull/2959">#2959</a></li></ul><h2>3.28.19 - 03 Jun 2025</h2><ul><li>The CodeQL Action no longer includes its own copy of the extractorfor the <code>actions</code> language, which is currently in publicpreview.The <code>actions</code> extractor has been included in the CodeQL CLIsince v2.20.6. If your workflow has enabled the <code>actions</code>language <em>and</em> you have pinnedyour <code>tools:</code> property to a specific version of the CodeQLCLI earlier than v2.20.6, you will need to update to at least CodeQLv2.20.6 or disable<code>actions</code> analysis.</li><li>Update default CodeQL bundle version to 2.21.4. <ahref="https://redirect.github.com/github/codeql-action/pull/2910">#2910</a></li></ul><h2>3.28.18 - 16 May 2025</h2><ul><li>Update default CodeQL bundle version to 2.21.3. <ahref="https://redirect.github.com/github/codeql-action/pull/2893">#2893</a></li><li>Skip validating SARIF produced by CodeQL for improved performance.<ahref="https://redirect.github.com/github/codeql-action/pull/2894">#2894</a></li><li>The number of threads and amount of RAM used by CodeQL can now beset via the <code>CODEQL_THREADS</code> and <code>CODEQL_RAM</code>runner environment variables. If set, these environment variablesoverride the <code>threads</code> and <code>ram</code> inputsrespectively. <ahref="https://redirect.github.com/github/codeql-action/pull/2891">#2891</a></li></ul><h2>3.28.17 - 02 May 2025</h2><ul><li>Update default CodeQL bundle version to 2.21.2. <ahref="https://redirect.github.com/github/codeql-action/pull/2872">#2872</a></li></ul><h2>3.28.16 - 23 Apr 2025</h2><!-- raw HTML omitted --></blockquote><p>... (truncated)</p></details><details><summary>Commits</summary><ul><li><ahref="https://github.com/github/codeql-action/commit/d6bbdef45e766d081b84a2def353b0055f728d3e"><code>d6bbdef</code></a>Merge pull request <ahref="https://redirect.github.com/github/codeql-action/issues/2977">#2977</a>from github/update-v3.29.3-7710ed11e</li><li><ahref="https://github.com/github/codeql-action/commit/210cc9bfa2103f4b7c4701ee383183b944c62578"><code>210cc9b</code></a>Update changelog for v3.29.3</li><li><ahref="https://github.com/github/codeql-action/commit/7710ed11e398ea99c7f7004c2b2e0f580458db42"><code>7710ed1</code></a>Merge pull request <ahref="https://redirect.github.com/github/codeql-action/issues/2970">#2970</a>from github/cklin/diff-informed-feature-enable</li><li><ahref="https://github.com/github/codeql-action/commit/6a49a8cbce6ecbd74ea251a48dbc84e64ce3be4d"><code>6a49a8c</code></a>build: refresh js files</li><li><ahref="https://github.com/github/codeql-action/commit/3aef4108d1730e17b6fd24f8b9c49d8fcc87d46d"><code>3aef410</code></a>Add diff-informed-analysis-utils.test.ts</li><li><ahref="https://github.com/github/codeql-action/commit/614b64c6ec97a4ad54f7c99c5becbf593144dbfb"><code>614b64c</code></a>Diff-informed analysis: disable for GHES below 3.19</li><li><ahref="https://github.com/github/codeql-action/commit/aefb854fe5563f4650638224c839c6e9b33c25b5"><code>aefb854</code></a>Feature.DiffInformedQueries: default to true</li><li><ahref="https://github.com/github/codeql-action/commit/03a2a17e75d20e4ff461b43f161fb2b52165f632"><code>03a2a17</code></a>Merge pull request <ahref="https://redirect.github.com/github/codeql-action/issues/2967">#2967</a>from github/cklin/overlay-feature-flags</li><li><ahref="https://github.com/github/codeql-action/commit/07455ed3c36f739ad76d1c4e55f8b49550f74344"><code>07455ed</code></a>Merge pull request <ahref="https://redirect.github.com/github/codeql-action/issues/2972">#2972</a>from github/koesie10/ghes-satisfies</li><li><ahref="https://github.com/github/codeql-action/commit/3fb562ddcce3ca92b83ea1bb7abaa579a1ab882d"><code>3fb562d</code></a>build: refresh js files</li><li>Additional commits viewable in <ahref="https://github.com/github/codeql-action/compare/181d5eefc20863364f96762470ba6f862bdef56b...d6bbdef45e766d081b84a2def353b0055f728d3e">compareview</a></li></ul></details><br />Updates `umbrelladocs/action-linkspector` from 1.3.6 to 1.3.7<details><summary>Release notes</summary><p><em>Sourced from <ahref="https://github.com/umbrelladocs/action-linkspector/releases">umbrelladocs/action-linkspector'sreleases</a>.</em></p><blockquote><h2>Release v1.3.7</h2><p>v1.3.7: PR <ahref="https://redirect.github.com/umbrelladocs/action-linkspector/issues/47">#47</a>- Update linkspector version to 0.4.7</p></blockquote></details><details><summary>Commits</summary><ul><li><ahref="https://github.com/UmbrellaDocs/action-linkspector/commit/874d01cae9fd488e3077b08952093235bd626977"><code>874d01c</code></a>Merge pull request <ahref="https://redirect.github.com/umbrelladocs/action-linkspector/issues/47">#47</a>from UmbrellaDocs/update-linkspector-version</li><li><ahref="https://github.com/UmbrellaDocs/action-linkspector/commit/bfc5bc55f5a8fc268165639b78b3ce6ae64915ad"><code>bfc5bc5</code></a>Update linkspector version to 0.4.7</li><li>See full diff in <ahref="https://github.com/umbrelladocs/action-linkspector/compare/3a951c1f0dca72300c2320d0eb39c2bafe429ab1...874d01cae9fd488e3077b08952093235bd626977">compareview</a></li></ul></details><br />Dependabot will resolve any conflicts with this PR as long as you don'talter it yourself. You can also trigger a rebase manually by commenting`@dependabot rebase`.[//]: # (dependabot-automerge-start)[//]: # (dependabot-automerge-end)---<details><summary>Dependabot commands and options</summary><br />You can trigger Dependabot actions by commenting on this PR:- `@dependabot rebase` will rebase this PR- `@dependabot recreate` will recreate this PR, overwriting any editsthat have been made to it- `@dependabot merge` will merge this PR after your CI passes on it- `@dependabot squash and merge` will squash and merge this PR afteryour CI passes on it- `@dependabot cancel merge` will cancel a previously requested mergeand block automerging- `@dependabot reopen` will reopen this PR if it is closed- `@dependabot close` will close this PR and stop Dependabot recreatingit. You can achieve the same result by closing it manually- `@dependabot show <dependency name> ignore conditions` will show allof the ignore conditions of the specified dependency- `@dependabot ignore <dependency name> major version` will close thisgroup update PR and stop Dependabot creating any more for the specificdependency's major version (unless you unignore this specificdependency's major version or upgrade to it yourself)- `@dependabot ignore <dependency name> minor version` will close thisgroup update PR and stop Dependabot creating any more for the specificdependency's minor version (unless you unignore this specificdependency's minor version or upgrade to it yourself)- `@dependabot ignore <dependency name>` will close this group update PRand stop Dependabot creating any more for the specific dependency(unless you unignore this specific dependency or upgrade to it yourself)- `@dependabot unignore <dependency name>` will remove all of the ignoreconditions of the specified dependency- `@dependabot unignore <dependency name> <ignore condition>` willremove the ignore condition of the specified dependency and ignoreconditions</details>Signed-off-by: dependabot[bot] <support@github.com>Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
1 parentceb4b97 commit6b141d7

12 files changed

+54
-54
lines changed

‎.github/workflows/ci.yaml

Lines changed: 22 additions & 22 deletions
Original file line numberDiff line numberDiff line change
@@ -34,7 +34,7 @@ jobs:
3434
tailnet-integration:${{ steps.filter.outputs.tailnet-integration }}
3535
steps:
3636
-name:Harden Runner
37-
uses:step-security/harden-runner@6c439dc8bdf85cadbbce9ed30d1c7b959517bc49# v2.12.2
37+
uses:step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911# v2.13.0
3838
with:
3939
egress-policy:audit
4040

@@ -154,7 +154,7 @@ jobs:
154154
runs-on:${{ github.repository_owner == 'coder' && 'depot-ubuntu-22.04-8' || 'ubuntu-latest' }}
155155
steps:
156156
-name:Harden Runner
157-
uses:step-security/harden-runner@6c439dc8bdf85cadbbce9ed30d1c7b959517bc49# v2.12.2
157+
uses:step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911# v2.13.0
158158
with:
159159
egress-policy:audit
160160

@@ -226,7 +226,7 @@ jobs:
226226
if:${{ !cancelled() }}
227227
steps:
228228
-name:Harden Runner
229-
uses:step-security/harden-runner@6c439dc8bdf85cadbbce9ed30d1c7b959517bc49# v2.12.2
229+
uses:step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911# v2.13.0
230230
with:
231231
egress-policy:audit
232232

@@ -281,7 +281,7 @@ jobs:
281281
timeout-minutes:7
282282
steps:
283283
-name:Harden Runner
284-
uses:step-security/harden-runner@6c439dc8bdf85cadbbce9ed30d1c7b959517bc49# v2.12.2
284+
uses:step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911# v2.13.0
285285
with:
286286
egress-policy:audit
287287

@@ -330,7 +330,7 @@ jobs:
330330
-windows-2022
331331
steps:
332332
-name:Harden Runner
333-
uses:step-security/harden-runner@6c439dc8bdf85cadbbce9ed30d1c7b959517bc49# v2.12.2
333+
uses:step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911# v2.13.0
334334
with:
335335
egress-policy:audit
336336

@@ -527,7 +527,7 @@ jobs:
527527
timeout-minutes:25
528528
steps:
529529
-name:Harden Runner
530-
uses:step-security/harden-runner@6c439dc8bdf85cadbbce9ed30d1c7b959517bc49# v2.12.2
530+
uses:step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911# v2.13.0
531531
with:
532532
egress-policy:audit
533533

@@ -575,7 +575,7 @@ jobs:
575575
timeout-minutes:25
576576
steps:
577577
-name:Harden Runner
578-
uses:step-security/harden-runner@6c439dc8bdf85cadbbce9ed30d1c7b959517bc49# v2.12.2
578+
uses:step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911# v2.13.0
579579
with:
580580
egress-policy:audit
581581

@@ -634,7 +634,7 @@ jobs:
634634
timeout-minutes:20
635635
steps:
636636
-name:Harden Runner
637-
uses:step-security/harden-runner@6c439dc8bdf85cadbbce9ed30d1c7b959517bc49# v2.12.2
637+
uses:step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911# v2.13.0
638638
with:
639639
egress-policy:audit
640640

@@ -660,7 +660,7 @@ jobs:
660660
timeout-minutes:20
661661
steps:
662662
-name:Harden Runner
663-
uses:step-security/harden-runner@6c439dc8bdf85cadbbce9ed30d1c7b959517bc49# v2.12.2
663+
uses:step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911# v2.13.0
664664
with:
665665
egress-policy:audit
666666

@@ -692,7 +692,7 @@ jobs:
692692
name:${{ matrix.variant.name }}
693693
steps:
694694
-name:Harden Runner
695-
uses:step-security/harden-runner@6c439dc8bdf85cadbbce9ed30d1c7b959517bc49# v2.12.2
695+
uses:step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911# v2.13.0
696696
with:
697697
egress-policy:audit
698698

@@ -763,7 +763,7 @@ jobs:
763763
if:needs.changes.outputs.site == 'true' || needs.changes.outputs.ci == 'true'
764764
steps:
765765
-name:Harden Runner
766-
uses:step-security/harden-runner@6c439dc8bdf85cadbbce9ed30d1c7b959517bc49# v2.12.2
766+
uses:step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911# v2.13.0
767767
with:
768768
egress-policy:audit
769769

@@ -843,7 +843,7 @@ jobs:
843843

844844
steps:
845845
-name:Harden Runner
846-
uses:step-security/harden-runner@6c439dc8bdf85cadbbce9ed30d1c7b959517bc49# v2.12.2
846+
uses:step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911# v2.13.0
847847
with:
848848
egress-policy:audit
849849

@@ -910,7 +910,7 @@ jobs:
910910
if:always()
911911
steps:
912912
-name:Harden Runner
913-
uses:step-security/harden-runner@6c439dc8bdf85cadbbce9ed30d1c7b959517bc49# v2.12.2
913+
uses:step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911# v2.13.0
914914
with:
915915
egress-policy:audit
916916

@@ -1038,7 +1038,7 @@ jobs:
10381038
IMAGE:ghcr.io/coder/coder-preview:${{ steps.build-docker.outputs.tag }}
10391039
steps:
10401040
-name:Harden Runner
1041-
uses:step-security/harden-runner@6c439dc8bdf85cadbbce9ed30d1c7b959517bc49# v2.12.2
1041+
uses:step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911# v2.13.0
10421042
with:
10431043
egress-policy:audit
10441044

@@ -1095,14 +1095,14 @@ jobs:
10951095
# Setup GCloud for signing Windows binaries.
10961096
-name:Authenticate to Google Cloud
10971097
id:gcloud_auth
1098-
uses:google-github-actions/auth@ba79af03959ebeac9769e648f473a284504d9193# v2.1.10
1098+
uses:google-github-actions/auth@140bb5113ffb6b65a7e9b937a81fa96cf5064462# v2.1.11
10991099
with:
11001100
workload_identity_provider:${{ secrets.GCP_CODE_SIGNING_WORKLOAD_ID_PROVIDER }}
11011101
service_account:${{ secrets.GCP_CODE_SIGNING_SERVICE_ACCOUNT }}
11021102
token_format:"access_token"
11031103

11041104
-name:Setup GCloud SDK
1105-
uses:google-github-actions/setup-gcloud@77e7a554d41e2ee56fc945c52dfd3f33d12def9a# v2.1.4
1105+
uses:google-github-actions/setup-gcloud@6a7c903a70c8625ed6700fa299f5ddb4ca6022e9# v2.1.5
11061106

11071107
-name:Download dylibs
11081108
uses:actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093# v4.3.0
@@ -1386,7 +1386,7 @@ jobs:
13861386
id-token:write
13871387
steps:
13881388
-name:Harden Runner
1389-
uses:step-security/harden-runner@6c439dc8bdf85cadbbce9ed30d1c7b959517bc49# v2.12.2
1389+
uses:step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911# v2.13.0
13901390
with:
13911391
egress-policy:audit
13921392

@@ -1396,13 +1396,13 @@ jobs:
13961396
fetch-depth:0
13971397

13981398
-name:Authenticate to Google Cloud
1399-
uses:google-github-actions/auth@ba79af03959ebeac9769e648f473a284504d9193# v2.1.10
1399+
uses:google-github-actions/auth@140bb5113ffb6b65a7e9b937a81fa96cf5064462# v2.1.11
14001400
with:
14011401
workload_identity_provider:projects/573722524737/locations/global/workloadIdentityPools/github/providers/github
14021402
service_account:coder-ci@coder-dogfood.iam.gserviceaccount.com
14031403

14041404
-name:Set up Google Cloud SDK
1405-
uses:google-github-actions/setup-gcloud@77e7a554d41e2ee56fc945c52dfd3f33d12def9a# v2.1.4
1405+
uses:google-github-actions/setup-gcloud@6a7c903a70c8625ed6700fa299f5ddb4ca6022e9# v2.1.5
14061406

14071407
-name:Set up Flux CLI
14081408
uses:fluxcd/flux2/action@6bf37f6a560fd84982d67f853162e4b3c2235edb# v2.6.4
@@ -1411,7 +1411,7 @@ jobs:
14111411
version:"2.5.1"
14121412

14131413
-name:Get Cluster Credentials
1414-
uses:google-github-actions/get-gke-credentials@d0cee45012069b163a631894b98904a9e6723729# v2.3.3
1414+
uses:google-github-actions/get-gke-credentials@8e574c49425fa7efed1e74650a449bfa6a23308a# v2.3.4
14151415
with:
14161416
cluster_name:dogfood-v2
14171417
location:us-central1-a
@@ -1450,7 +1450,7 @@ jobs:
14501450
if:github.ref == 'refs/heads/main' && !github.event.pull_request.head.repo.fork
14511451
steps:
14521452
-name:Harden Runner
1453-
uses:step-security/harden-runner@6c439dc8bdf85cadbbce9ed30d1c7b959517bc49# v2.12.2
1453+
uses:step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911# v2.13.0
14541454
with:
14551455
egress-policy:audit
14561456

@@ -1485,7 +1485,7 @@ jobs:
14851485
if:needs.changes.outputs.db == 'true' || needs.changes.outputs.ci == 'true' || github.ref == 'refs/heads/main'
14861486
steps:
14871487
-name:Harden Runner
1488-
uses:step-security/harden-runner@6c439dc8bdf85cadbbce9ed30d1c7b959517bc49# v2.12.2
1488+
uses:step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911# v2.13.0
14891489
with:
14901490
egress-policy:audit
14911491

‎.github/workflows/docker-base.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -38,7 +38,7 @@ jobs:
3838
if:github.repository_owner == 'coder'
3939
steps:
4040
-name:Harden Runner
41-
uses:step-security/harden-runner@6c439dc8bdf85cadbbce9ed30d1c7b959517bc49# v2.12.2
41+
uses:step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911# v2.13.0
4242
with:
4343
egress-policy:audit
4444

‎.github/workflows/dogfood.yaml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -27,7 +27,7 @@ jobs:
2727
runs-on:${{ github.repository_owner == 'coder' && 'depot-ubuntu-22.04-4' || 'ubuntu-latest' }}
2828
steps:
2929
-name:Harden Runner
30-
uses:step-security/harden-runner@6c439dc8bdf85cadbbce9ed30d1c7b959517bc49# v2.12.2
30+
uses:step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911# v2.13.0
3131
with:
3232
egress-policy:audit
3333

@@ -118,7 +118,7 @@ jobs:
118118
runs-on:ubuntu-latest
119119
steps:
120120
-name:Harden Runner
121-
uses:step-security/harden-runner@6c439dc8bdf85cadbbce9ed30d1c7b959517bc49# v2.12.2
121+
uses:step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911# v2.13.0
122122
with:
123123
egress-policy:audit
124124

@@ -129,7 +129,7 @@ jobs:
129129
uses:./.github/actions/setup-tf
130130

131131
-name:Authenticate to Google Cloud
132-
uses:google-github-actions/auth@ba79af03959ebeac9769e648f473a284504d9193# v2.1.10
132+
uses:google-github-actions/auth@140bb5113ffb6b65a7e9b937a81fa96cf5064462# v2.1.11
133133
with:
134134
workload_identity_provider:projects/573722524737/locations/global/workloadIdentityPools/github/providers/github
135135
service_account:coder-ci@coder-dogfood.iam.gserviceaccount.com

‎.github/workflows/pr-auto-assign.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -14,7 +14,7 @@ jobs:
1414
runs-on:ubuntu-latest
1515
steps:
1616
-name:Harden Runner
17-
uses:step-security/harden-runner@6c439dc8bdf85cadbbce9ed30d1c7b959517bc49# v2.12.2
17+
uses:step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911# v2.13.0
1818
with:
1919
egress-policy:audit
2020

‎.github/workflows/pr-cleanup.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -19,7 +19,7 @@ jobs:
1919
packages:write
2020
steps:
2121
-name:Harden Runner
22-
uses:step-security/harden-runner@6c439dc8bdf85cadbbce9ed30d1c7b959517bc49# v2.12.2
22+
uses:step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911# v2.13.0
2323
with:
2424
egress-policy:audit
2525

‎.github/workflows/pr-deploy.yaml

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -39,7 +39,7 @@ jobs:
3939
PR_OPEN:${{ steps.check_pr.outputs.pr_open }}
4040
steps:
4141
-name:Harden Runner
42-
uses:step-security/harden-runner@6c439dc8bdf85cadbbce9ed30d1c7b959517bc49# v2.12.2
42+
uses:step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911# v2.13.0
4343
with:
4444
egress-policy:audit
4545

@@ -74,7 +74,7 @@ jobs:
7474
runs-on:"ubuntu-latest"
7575
steps:
7676
-name:Harden Runner
77-
uses:step-security/harden-runner@6c439dc8bdf85cadbbce9ed30d1c7b959517bc49# v2.12.2
77+
uses:step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911# v2.13.0
7878
with:
7979
egress-policy:audit
8080

@@ -174,7 +174,7 @@ jobs:
174174
pull-requests:write# needed for commenting on PRs
175175
steps:
176176
-name:Harden Runner
177-
uses:step-security/harden-runner@6c439dc8bdf85cadbbce9ed30d1c7b959517bc49# v2.12.2
177+
uses:step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911# v2.13.0
178178
with:
179179
egress-policy:audit
180180

@@ -218,7 +218,7 @@ jobs:
218218
CODER_IMAGE_TAG:${{ needs.get_info.outputs.CODER_IMAGE_TAG }}
219219
steps:
220220
-name:Harden Runner
221-
uses:step-security/harden-runner@6c439dc8bdf85cadbbce9ed30d1c7b959517bc49# v2.12.2
221+
uses:step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911# v2.13.0
222222
with:
223223
egress-policy:audit
224224

@@ -276,7 +276,7 @@ jobs:
276276
PR_HOSTNAME:"pr${{ needs.get_info.outputs.PR_NUMBER }}.${{ secrets.PR_DEPLOYMENTS_DOMAIN }}"
277277
steps:
278278
-name:Harden Runner
279-
uses:step-security/harden-runner@6c439dc8bdf85cadbbce9ed30d1c7b959517bc49# v2.12.2
279+
uses:step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911# v2.13.0
280280
with:
281281
egress-policy:audit
282282

‎.github/workflows/release-validation.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -14,7 +14,7 @@ jobs:
1414

1515
steps:
1616
-name:Harden Runner
17-
uses:step-security/harden-runner@6c439dc8bdf85cadbbce9ed30d1c7b959517bc49# v2.12.2
17+
uses:step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911# v2.13.0
1818
with:
1919
egress-policy:audit
2020

‎.github/workflows/release.yaml

Lines changed: 8 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -134,7 +134,7 @@ jobs:
134134
version:${{ steps.version.outputs.version }}
135135
steps:
136136
-name:Harden Runner
137-
uses:step-security/harden-runner@6c439dc8bdf85cadbbce9ed30d1c7b959517bc49# v2.12.2
137+
uses:step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911# v2.13.0
138138
with:
139139
egress-policy:audit
140140

@@ -286,14 +286,14 @@ jobs:
286286
# Setup GCloud for signing Windows binaries.
287287
-name:Authenticate to Google Cloud
288288
id:gcloud_auth
289-
uses:google-github-actions/auth@ba79af03959ebeac9769e648f473a284504d9193# v2.1.10
289+
uses:google-github-actions/auth@140bb5113ffb6b65a7e9b937a81fa96cf5064462# v2.1.11
290290
with:
291291
workload_identity_provider:${{ secrets.GCP_CODE_SIGNING_WORKLOAD_ID_PROVIDER }}
292292
service_account:${{ secrets.GCP_CODE_SIGNING_SERVICE_ACCOUNT }}
293293
token_format:"access_token"
294294

295295
-name:Setup GCloud SDK
296-
uses:google-github-actions/setup-gcloud@77e7a554d41e2ee56fc945c52dfd3f33d12def9a# v2.1.4
296+
uses:google-github-actions/setup-gcloud@6a7c903a70c8625ed6700fa299f5ddb4ca6022e9# v2.1.5
297297

298298
-name:Download dylibs
299299
uses:actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093# v4.3.0
@@ -696,13 +696,13 @@ jobs:
696696
CODER_GPG_RELEASE_KEY_BASE64:${{ secrets.GPG_RELEASE_KEY_BASE64 }}
697697

698698
-name:Authenticate to Google Cloud
699-
uses:google-github-actions/auth@ba79af03959ebeac9769e648f473a284504d9193# v2.1.10
699+
uses:google-github-actions/auth@140bb5113ffb6b65a7e9b937a81fa96cf5064462# v2.1.11
700700
with:
701701
workload_identity_provider:${{ secrets.GCP_WORKLOAD_ID_PROVIDER }}
702702
service_account:${{ secrets.GCP_SERVICE_ACCOUNT }}
703703

704704
-name:Setup GCloud SDK
705-
uses:google-github-actions/setup-gcloud@77e7a554d41e2ee56fc945c52dfd3f33d12def9a# 2.1.4
705+
uses:google-github-actions/setup-gcloud@6a7c903a70c8625ed6700fa299f5ddb4ca6022e9# 2.1.5
706706

707707
-name:Publish Helm Chart
708708
if:${{ !inputs.dry_run }}
@@ -764,7 +764,7 @@ jobs:
764764
# TODO: skip this if it's not a new release (i.e. a backport). This is
765765
# fine right now because it just makes a PR that we can close.
766766
-name:Harden Runner
767-
uses:step-security/harden-runner@6c439dc8bdf85cadbbce9ed30d1c7b959517bc49# v2.12.2
767+
uses:step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911# v2.13.0
768768
with:
769769
egress-policy:audit
770770

@@ -840,7 +840,7 @@ jobs:
840840

841841
steps:
842842
-name:Harden Runner
843-
uses:step-security/harden-runner@6c439dc8bdf85cadbbce9ed30d1c7b959517bc49# v2.12.2
843+
uses:step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911# v2.13.0
844844
with:
845845
egress-policy:audit
846846

@@ -930,7 +930,7 @@ jobs:
930930
if:${{ !inputs.dry_run }}
931931
steps:
932932
-name:Harden Runner
933-
uses:step-security/harden-runner@6c439dc8bdf85cadbbce9ed30d1c7b959517bc49# v2.12.2
933+
uses:step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911# v2.13.0
934934
with:
935935
egress-policy:audit
936936

‎.github/workflows/scorecard.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -20,7 +20,7 @@ jobs:
2020

2121
steps:
2222
-name:Harden Runner
23-
uses:step-security/harden-runner@6c439dc8bdf85cadbbce9ed30d1c7b959517bc49# v2.12.2
23+
uses:step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911# v2.13.0
2424
with:
2525
egress-policy:audit
2626

@@ -47,6 +47,6 @@ jobs:
4747

4848
# Upload the results to GitHub's code scanning dashboard.
4949
-name:"Upload to code-scanning"
50-
uses:github/codeql-action/upload-sarif@181d5eefc20863364f96762470ba6f862bdef56b# v3.29.2
50+
uses:github/codeql-action/upload-sarif@d6bbdef45e766d081b84a2def353b0055f728d3e# v3.29.3
5151
with:
5252
sarif_file:results.sarif

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp