Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit9e78aae

Browse files
ci: bump the github-actions group with 3 updates (#15649)
Bumps the github-actions group with 3 updates:[step-security/harden-runner](https://github.com/step-security/harden-runner),[github/codeql-action](https://github.com/github/codeql-action) and[aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action).Updates `step-security/harden-runner` from 2.10.1 to 2.10.2<details><summary>Release notes</summary><p><em>Sourced from <ahref="https://github.com/step-security/harden-runner/releases">step-security/harden-runner'sreleases</a>.</em></p><blockquote><h2>v2.10.2</h2><h2>What's Changed</h2><ol><li><p>Fixes low-severity command injection weaknessesThe advisory is here: <ahref="https://github.com/step-security/harden-runner/security/advisories/GHSA-g85v-wf27-67xc">https://github.com/step-security/harden-runner/security/advisories/GHSA-g85v-wf27-67xc</a></p></li><li><p>Bug fix to improve detection of whether Harden-Runner is running in acontainer</p></li></ol><p><strong>Full Changelog</strong>: <ahref="https://github.com/step-security/harden-runner/compare/v2...v2.10.2">https://github.com/step-security/harden-runner/compare/v2...v2.10.2</a></p></blockquote></details><details><summary>Commits</summary><ul><li><ahref="https://github.com/step-security/harden-runner/commit/0080882f6c36860b6ba35c610c98ce87d4e2f26f"><code>0080882</code></a>Merge pull request <ahref="https://redirect.github.com/step-security/harden-runner/issues/476">#476</a>from step-security/rc-16</li><li><ahref="https://github.com/step-security/harden-runner/commit/4a3a88bbf8f2e304f84e1042472c02dce37eba82"><code>4a3a88b</code></a>Update dist</li><li><ahref="https://github.com/step-security/harden-runner/commit/556aae632a6c1f630efa52e90d706218618e5f2f"><code>556aae6</code></a>Merge pull request <ahref="https://redirect.github.com/step-security/harden-runner/issues/480">#480</a>from h0x0er/jatin/cleanup</li><li><ahref="https://github.com/step-security/harden-runner/commit/6c39b8466160e86ad8606033d399fe7f4052aee1"><code>6c39b84</code></a>chore: clean the code</li><li><ahref="https://github.com/step-security/harden-runner/commit/40401cf6183a0ab2dae5c7e485c1d073fe911e91"><code>40401cf</code></a>Update for isdocker</li><li><ahref="https://github.com/step-security/harden-runner/commit/806ab1cccb47a439a89d5f8f85d3ea41a7fb1e4c"><code>806ab1c</code></a>Update check for isdocker</li><li><ahref="https://github.com/step-security/harden-runner/commit/28468118cdb665b2214b64175253b83fcb4b25f6"><code>2846811</code></a>update dist</li><li><ahref="https://github.com/step-security/harden-runner/commit/df8a07c1712fac199e8d6e78d64a46092afffa44"><code>df8a07c</code></a>Merge pull request <ahref="https://redirect.github.com/step-security/harden-runner/issues/475">#475</a>from h0x0er/fix-execSync</li><li><ahref="https://github.com/step-security/harden-runner/commit/30636fb583e59a926da2f17677e5cd3b63cf1be1"><code>30636fb</code></a>bug fixes</li><li>See full diff in <ahref="https://github.com/step-security/harden-runner/compare/91182cccc01eb5e619899d80e4e971d6181294a7...0080882f6c36860b6ba35c610c98ce87d4e2f26f">compareview</a></li></ul></details><br />Updates `github/codeql-action` from 3.27.4 to 3.27.5<details><summary>Release notes</summary><p><em>Sourced from <ahref="https://github.com/github/codeql-action/releases">github/codeql-action'sreleases</a>.</em></p><blockquote><h2>v3.27.5</h2><h1>CodeQL Action Changelog</h1><p>See the <ahref="https://github.com/github/codeql-action/releases">releasespage</a> for the relevant changes to the CodeQL CLI and languagepacks.</p><p>Note that the only difference between <code>v2</code> and<code>v3</code> of the CodeQL Action is the node version they support,with <code>v3</code> running on node 20 while we continue to release<code>v2</code> to support running on node 16. For example<code>3.22.11</code> was the first <code>v3</code> release and isfunctionally identical to <code>2.22.11</code>. This approach ensures aneasy way to track exactly which features are included in differentversions, indicated by the minor and patch version numbers.</p><h2>3.27.5 - 19 Nov 2024</h2><p>No user facing changes.</p><p>See the full <ahref="https://github.com/github/codeql-action/blob/v3.27.5/CHANGELOG.md">CHANGELOG.md</a>for more information.</p></blockquote></details><details><summary>Changelog</summary><p><em>Sourced from <ahref="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action'schangelog</a>.</em></p><blockquote><h1>CodeQL Action Changelog</h1><p>See the <ahref="https://github.com/github/codeql-action/releases">releasespage</a> for the relevant changes to the CodeQL CLI and languagepacks.</p><p>Note that the only difference between <code>v2</code> and<code>v3</code> of the CodeQL Action is the node version they support,with <code>v3</code> running on node 20 while we continue to release<code>v2</code> to support running on node 16. For example<code>3.22.11</code> was the first <code>v3</code> release and isfunctionally identical to <code>2.22.11</code>. This approach ensures aneasy way to track exactly which features are included in differentversions, indicated by the minor and patch version numbers.</p><h2>[UNRELEASED]</h2><p>No user facing changes.</p><h2>3.27.5 - 19 Nov 2024</h2><p>No user facing changes.</p><h2>3.27.4 - 14 Nov 2024</h2><p>No user facing changes.</p><h2>3.27.3 - 12 Nov 2024</h2><p>No user facing changes.</p><h2>3.27.2 - 12 Nov 2024</h2><ul><li>Fixed an issue where setting up the CodeQL tools would sometimesfail with the message &quot;Invalid value 'undefined' for header'authorization'&quot;. <ahref="https://redirect.github.com/github/codeql-action/pull/2590">#2590</a></li></ul><h2>3.27.1 - 08 Nov 2024</h2><ul><li>The CodeQL Action now downloads bundles compressed using Zstandardon GitHub Enterprise Server when using Linux or macOS runners. Thisspeeds up the installation of the CodeQL tools. This feature is alreadyavailable to GitHub.com users. <ahref="https://redirect.github.com/github/codeql-action/pull/2573">#2573</a></li><li>Update default CodeQL bundle version to 2.19.3. <ahref="https://redirect.github.com/github/codeql-action/pull/2576">#2576</a></li></ul><h2>3.27.0 - 22 Oct 2024</h2><ul><li>Bump the minimum CodeQL bundle version to 2.14.6. <ahref="https://redirect.github.com/github/codeql-action/pull/2549">#2549</a></li><li>Fix an issue where the <code>upload-sarif</code> Action would failwith &quot;upload-sarif post-action step failed: Input required and notsupplied: token&quot; when called in a composite Action that had adifferent set of inputs to the ones expected by the<code>upload-sarif</code> Action. <ahref="https://redirect.github.com/github/codeql-action/pull/2557">#2557</a></li><li>Update default CodeQL bundle version to 2.19.2. <ahref="https://redirect.github.com/github/codeql-action/pull/2552">#2552</a></li></ul><h2>3.26.13 - 14 Oct 2024</h2><p>No user facing changes.</p><h2>3.26.12 - 07 Oct 2024</h2><ul><li><p><em>Upcoming breaking change</em>: Add a deprecation warning forcustomers using CodeQL version 2.14.5 and earlier. These versions ofCodeQL were discontinued on 24 September 2024 alongside GitHubEnterprise Server 3.10, and will be unsupported by CodeQL Actionversions 3.27.0 and later and versions 2.27.0 and later. <ahref="https://redirect.github.com/github/codeql-action/pull/2520">#2520</a></p><ul><li><p>If you are using one of these versions, please update to CodeQL CLIversion 2.14.6 or later. For instance, if you have specified a customversion of the CLI using the 'tools' input to the 'init' Action, you canremove this input to use the default version.</p></li><li><p>Alternatively, if you want to continue using a version of the CodeQLCLI between 2.13.5 and 2.14.5, you can replace<code>github/codeql-action/*@V3</code> by<code>github/codeql-action/*@v3.26.11</code> and<code>github/codeql-action/*@v2</code> by<code>github/codeql-action/*@v2.26.11</code> in your code scanningworkflow to ensure you continue using this version of the CodeQLAction.</p></li></ul></li></ul><h2>3.26.11 - 03 Oct 2024</h2><!-- raw HTML omitted --></blockquote><p>... (truncated)</p></details><details><summary>Commits</summary><ul><li><ahref="https://github.com/github/codeql-action/commit/f09c1c0a94de965c15400f5634aa42fac8fb8f88"><code>f09c1c0</code></a>Merge pull request <ahref="https://redirect.github.com/github/codeql-action/issues/2616">#2616</a>from github/update-v3.27.5-a6c8729a5</li><li><ahref="https://github.com/github/codeql-action/commit/67b73eaba559c7e6913377065b0362ccbfc94e87"><code>67b73ea</code></a>Update changelog for v3.27.5</li><li><ahref="https://github.com/github/codeql-action/commit/a6c8729a5d7573eb8d440e52a9645ce4db61d97c"><code>a6c8729</code></a>Merge pull request <ahref="https://redirect.github.com/github/codeql-action/issues/2614">#2614</a>from github/marcogario/per-platform-proxy</li><li><ahref="https://github.com/github/codeql-action/commit/8f3b48727ff1b076c28967a258b95fcee30a3a48"><code>8f3b487</code></a>Start-proxy: Fetch OS specific binary</li><li><ahref="https://github.com/github/codeql-action/commit/cba5fb58d4f85affaf03eb9da32f5b6c9d76838b"><code>cba5fb5</code></a>Merge pull request <ahref="https://redirect.github.com/github/codeql-action/issues/2613">#2613</a>from github/dependabot/npm_and_yarn/npm_and_yarn-018...</li><li><ahref="https://github.com/github/codeql-action/commit/e782c3a145d9946aba8fa390e406acbe4e4c05c5"><code>e782c3a</code></a>Merge pull request <ahref="https://redirect.github.com/github/codeql-action/issues/2612">#2612</a>from github/angelapwen/report-linux-runner-release</li><li><ahref="https://github.com/github/codeql-action/commit/db6788195b646f87b3d1c616b0c14a6d5b7fa9a6"><code>db67881</code></a>Update checked-in dependencies</li><li><ahref="https://github.com/github/codeql-action/commit/ecde4d232d18cf2dba6c1a6b76810332abff736f"><code>ecde4d2</code></a>Bump cross-spawn from 7.0.3 to 7.0.6 in the npm_and_yarn group</li><li><ahref="https://github.com/github/codeql-action/commit/e3c67a01d31d9c173ba5ffccc9d0f275540d99de"><code>e3c67a0</code></a>Merge pull request <ahref="https://redirect.github.com/github/codeql-action/issues/2610">#2610</a>from github/dependabot/npm_and_yarn/npm-d2ca52e617</li><li><ahref="https://github.com/github/codeql-action/commit/f9ada54538b47b6db28c4d11f53848689968909e"><code>f9ada54</code></a>Telemetry: report OS release for GitHub-hosted Linux runners</li><li>Additional commits viewable in <ahref="https://github.com/github/codeql-action/compare/ea9e4e37992a54ee68a9622e985e60c8e8f12d9f...f09c1c0a94de965c15400f5634aa42fac8fb8f88">compareview</a></li></ul></details><br />Updates `aquasecurity/trivy-action` from 0.28.0 to 0.29.0<details><summary>Release notes</summary><p><em>Sourced from <ahref="https://github.com/aquasecurity/trivy-action/releases">aquasecurity/trivy-action'sreleases</a>.</em></p><blockquote><h2>v0.29.0</h2><h2>What's Changed</h2><ul><li>feat: Allow skipping setup by <ahref="https://github.com/rvesse"><code>@​rvesse</code></a> in <ahref="https://redirect.github.com/aquasecurity/trivy-action/pull/414">aquasecurity/trivy-action#414</a></li><li>Fix oras command not found in &quot;Update Trivy Cache&quot; actionby <a href="https://github.com/Tiryoh"><code>@​Tiryoh</code></a> in <ahref="https://redirect.github.com/aquasecurity/trivy-action/pull/413">aquasecurity/trivy-action#413</a></li><li>Update README.md by <ahref="https://github.com/simar7"><code>@​simar7</code></a> in <ahref="https://redirect.github.com/aquasecurity/trivy-action/pull/420">aquasecurity/trivy-action#420</a></li><li>feat: add token for <code>setup-trivy</code> by <ahref="https://github.com/DmitriyLewen"><code>@​DmitriyLewen</code></a>in <ahref="https://redirect.github.com/aquasecurity/trivy-action/pull/421">aquasecurity/trivy-action#421</a></li><li>fix: bump <code>setup-trivy</code> and add new <code>contrib</code>directory path info by <ahref="https://github.com/DmitriyLewen"><code>@​DmitriyLewen</code></a>in <ahref="https://redirect.github.com/aquasecurity/trivy-action/pull/424">aquasecurity/trivy-action#424</a></li><li>docs: remove ignore-unfixed from IaC scan example by <ahref="https://github.com/nikpivkin"><code>@​nikpivkin</code></a> in <ahref="https://redirect.github.com/aquasecurity/trivy-action/pull/429">aquasecurity/trivy-action#429</a></li><li>chore(deps): Bump trivy to v0.57.1 by <ahref="https://github.com/simar7"><code>@​simar7</code></a> in <ahref="https://redirect.github.com/aquasecurity/trivy-action/pull/434">aquasecurity/trivy-action#434</a></li></ul><h2>New Contributors</h2><ul><li><a href="https://github.com/rvesse"><code>@​rvesse</code></a> madetheir first contribution in <ahref="https://redirect.github.com/aquasecurity/trivy-action/pull/414">aquasecurity/trivy-action#414</a></li><li><a href="https://github.com/Tiryoh"><code>@​Tiryoh</code></a> madetheir first contribution in <ahref="https://redirect.github.com/aquasecurity/trivy-action/pull/413">aquasecurity/trivy-action#413</a></li></ul><p><strong>Full Changelog</strong>: <ahref="https://github.com/aquasecurity/trivy-action/compare/0.28.0...0.29.0">https://github.com/aquasecurity/trivy-action/compare/0.28.0...0.29.0</a></p></blockquote></details><details><summary>Commits</summary><ul><li><ahref="https://github.com/aquasecurity/trivy-action/commit/18f2510ee396bbf400402947b394f2dd8c87dbb0"><code>18f2510</code></a>chore(deps): Bump trivy to v0.57.1 (<ahref="https://redirect.github.com/aquasecurity/trivy-action/issues/434">#434</a>)</li><li><ahref="https://github.com/aquasecurity/trivy-action/commit/93941cebba762da4c91a91883859bf1bfb221c73"><code>93941ce</code></a>docs: remove ignore-unfixed from IaC scan example (<ahref="https://redirect.github.com/aquasecurity/trivy-action/issues/429">#429</a>)</li><li><ahref="https://github.com/aquasecurity/trivy-action/commit/d2a392a13760cb64cb6bbd31d4bed2a7d9a5298d"><code>d2a392a</code></a>fix: bump <code>setup-trivy</code> and add new <code>contrib</code>directory path info (<ahref="https://redirect.github.com/aquasecurity/trivy-action/issues/424">#424</a>)</li><li><ahref="https://github.com/aquasecurity/trivy-action/commit/ee8934673cc18947baf4b05c01c4100ff36648da"><code>ee89346</code></a>feat: add token for <code>setup-trivy</code> (<ahref="https://redirect.github.com/aquasecurity/trivy-action/issues/421">#421</a>)</li><li><ahref="https://github.com/aquasecurity/trivy-action/commit/cf990b19d84bbbe1eb8833659989a7c1029132e3"><code>cf990b1</code></a>Update README.md (<ahref="https://redirect.github.com/aquasecurity/trivy-action/issues/420">#420</a>)</li><li><ahref="https://github.com/aquasecurity/trivy-action/commit/bff40be51b9207cf8f2148d628a9836cc7370247"><code>bff40be</code></a>docs: Fix oras command not found (<ahref="https://redirect.github.com/aquasecurity/trivy-action/issues/413">#413</a>)</li><li><ahref="https://github.com/aquasecurity/trivy-action/commit/fc1500abdcdc9fc681e98d8912a52fa70dbc67de"><code>fc1500a</code></a>feat: Allow skipping setup (<ahref="https://redirect.github.com/aquasecurity/trivy-action/issues/414">#414</a>)</li><li>See full diff in <ahref="https://github.com/aquasecurity/trivy-action/compare/915b19bbe73b92a6cf82a1bc12b087c9a19a5fe2...18f2510ee396bbf400402947b394f2dd8c87dbb0">compareview</a></li></ul></details><br />Dependabot will resolve any conflicts with this PR as long as you don'talter it yourself. You can also trigger a rebase manually by commenting`@dependabot rebase`.[//]: # (dependabot-automerge-start)[//]: # (dependabot-automerge-end)---<details><summary>Dependabot commands and options</summary><br />You can trigger Dependabot actions by commenting on this PR:- `@dependabot rebase` will rebase this PR- `@dependabot recreate` will recreate this PR, overwriting any editsthat have been made to it- `@dependabot merge` will merge this PR after your CI passes on it- `@dependabot squash and merge` will squash and merge this PR afteryour CI passes on it- `@dependabot cancel merge` will cancel a previously requested mergeand block automerging- `@dependabot reopen` will reopen this PR if it is closed- `@dependabot close` will close this PR and stop Dependabot recreatingit. You can achieve the same result by closing it manually- `@dependabot show <dependency name> ignore conditions` will show allof the ignore conditions of the specified dependency- `@dependabot ignore <dependency name> major version` will close thisgroup update PR and stop Dependabot creating any more for the specificdependency's major version (unless you unignore this specificdependency's major version or upgrade to it yourself)- `@dependabot ignore <dependency name> minor version` will close thisgroup update PR and stop Dependabot creating any more for the specificdependency's minor version (unless you unignore this specificdependency's minor version or upgrade to it yourself)- `@dependabot ignore <dependency name>` will close this group update PRand stop Dependabot creating any more for the specific dependency(unless you unignore this specific dependency or upgrade to it yourself)- `@dependabot unignore <dependency name>` will remove all of the ignoreconditions of the specified dependency- `@dependabot unignore <dependency name> <ignore condition>` willremove the ignore condition of the specified dependency and ignoreconditions</details>Signed-off-by: dependabot[bot] <support@github.com>Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
1 parent83c493e commit9e78aae

14 files changed

+52
-52
lines changed

‎.github/workflows/ci.yaml‎

Lines changed: 19 additions & 19 deletions
Original file line numberDiff line numberDiff line change
@@ -34,7 +34,7 @@ jobs:
3434
tailnet-integration:${{ steps.filter.outputs.tailnet-integration }}
3535
steps:
3636
-name:Harden Runner
37-
uses:step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7# v2.10.1
37+
uses:step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f# v2.10.2
3838
with:
3939
egress-policy:audit
4040

@@ -155,7 +155,7 @@ jobs:
155155
runs-on:${{ github.repository_owner == 'coder' && 'depot-ubuntu-22.04-8' || 'ubuntu-latest' }}
156156
steps:
157157
-name:Harden Runner
158-
uses:step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7# v2.10.1
158+
uses:step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f# v2.10.2
159159
with:
160160
egress-policy:audit
161161

@@ -227,7 +227,7 @@ jobs:
227227
if:always()
228228
steps:
229229
-name:Harden Runner
230-
uses:step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7# v2.10.1
230+
uses:step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f# v2.10.2
231231
with:
232232
egress-policy:audit
233233

@@ -281,7 +281,7 @@ jobs:
281281
timeout-minutes:7
282282
steps:
283283
-name:Harden Runner
284-
uses:step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7# v2.10.1
284+
uses:step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f# v2.10.2
285285
with:
286286
egress-policy:audit
287287

@@ -322,7 +322,7 @@ jobs:
322322
-windows-2022
323323
steps:
324324
-name:Harden Runner
325-
uses:step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7# v2.10.1
325+
uses:step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f# v2.10.2
326326
with:
327327
egress-policy:audit
328328

@@ -381,7 +381,7 @@ jobs:
381381
timeout-minutes:25
382382
steps:
383383
-name:Harden Runner
384-
uses:step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7# v2.10.1
384+
uses:step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f# v2.10.2
385385
with:
386386
egress-policy:audit
387387

@@ -426,7 +426,7 @@ jobs:
426426
timeout-minutes:25
427427
steps:
428428
-name:Harden Runner
429-
uses:step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7# v2.10.1
429+
uses:step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f# v2.10.2
430430
with:
431431
egress-policy:audit
432432

@@ -463,7 +463,7 @@ jobs:
463463
timeout-minutes:25
464464
steps:
465465
-name:Harden Runner
466-
uses:step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7# v2.10.1
466+
uses:step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f# v2.10.2
467467
with:
468468
egress-policy:audit
469469

@@ -508,7 +508,7 @@ jobs:
508508
timeout-minutes:20
509509
steps:
510510
-name:Harden Runner
511-
uses:step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7# v2.10.1
511+
uses:step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f# v2.10.2
512512
with:
513513
egress-policy:audit
514514

@@ -534,7 +534,7 @@ jobs:
534534
timeout-minutes:20
535535
steps:
536536
-name:Harden Runner
537-
uses:step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7# v2.10.1
537+
uses:step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f# v2.10.2
538538
with:
539539
egress-policy:audit
540540

@@ -566,7 +566,7 @@ jobs:
566566
name:${{ matrix.variant.name }}
567567
steps:
568568
-name:Harden Runner
569-
uses:step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7# v2.10.1
569+
uses:step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f# v2.10.2
570570
with:
571571
egress-policy:audit
572572

@@ -630,7 +630,7 @@ jobs:
630630
if:needs.changes.outputs.ts == 'true' || needs.changes.outputs.ci == 'true'
631631
steps:
632632
-name:Harden Runner
633-
uses:step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7# v2.10.1
633+
uses:step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f# v2.10.2
634634
with:
635635
egress-policy:audit
636636

@@ -707,7 +707,7 @@ jobs:
707707

708708
steps:
709709
-name:Harden Runner
710-
uses:step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7# v2.10.1
710+
uses:step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f# v2.10.2
711711
with:
712712
egress-policy:audit
713713

@@ -780,7 +780,7 @@ jobs:
780780
if:always()
781781
steps:
782782
-name:Harden Runner
783-
uses:step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7# v2.10.1
783+
uses:step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f# v2.10.2
784784
with:
785785
egress-policy:audit
786786

@@ -815,7 +815,7 @@ jobs:
815815
runs-on:${{ github.repository_owner == 'coder' && 'depot-macos-latest' || 'macos-latest' }}
816816
steps:
817817
-name:Harden Runner
818-
uses:step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7# v2.10.1
818+
uses:step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f# v2.10.2
819819
with:
820820
egress-policy:audit
821821

@@ -901,7 +901,7 @@ jobs:
901901
IMAGE:ghcr.io/coder/coder-preview:${{ steps.build-docker.outputs.tag }}
902902
steps:
903903
-name:Harden Runner
904-
uses:step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7# v2.10.1
904+
uses:step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f# v2.10.2
905905
with:
906906
egress-policy:audit
907907

@@ -1037,7 +1037,7 @@ jobs:
10371037
id-token:write
10381038
steps:
10391039
-name:Harden Runner
1040-
uses:step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7# v2.10.1
1040+
uses:step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f# v2.10.2
10411041
with:
10421042
egress-policy:audit
10431043

@@ -1099,7 +1099,7 @@ jobs:
10991099
if:github.ref == 'refs/heads/main' && !github.event.pull_request.head.repo.fork
11001100
steps:
11011101
-name:Harden Runner
1102-
uses:step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7# v2.10.1
1102+
uses:step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f# v2.10.2
11031103
with:
11041104
egress-policy:audit
11051105

@@ -1134,7 +1134,7 @@ jobs:
11341134
if:needs.changes.outputs.db == 'true' || needs.changes.outputs.ci == 'true' || github.ref == 'refs/heads/main'
11351135
steps:
11361136
-name:Harden Runner
1137-
uses:step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7# v2.10.1
1137+
uses:step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f# v2.10.2
11381138
with:
11391139
egress-policy:audit
11401140

‎.github/workflows/contrib.yaml‎

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -31,7 +31,7 @@ jobs:
3131
pull-requests:write
3232
steps:
3333
-name:Harden Runner
34-
uses:step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7# v2.10.1
34+
uses:step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f# v2.10.2
3535
with:
3636
egress-policy:audit
3737

@@ -43,7 +43,7 @@ jobs:
4343
runs-on:ubuntu-latest
4444
steps:
4545
-name:Harden Runner
46-
uses:step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7# v2.10.1
46+
uses:step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f# v2.10.2
4747
with:
4848
egress-policy:audit
4949

@@ -70,7 +70,7 @@ jobs:
7070
if:${{ github.event_name == 'pull_request_target' && !github.event.pull_request.draft }}
7171
steps:
7272
-name:Harden Runner
73-
uses:step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7# v2.10.1
73+
uses:step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f# v2.10.2
7474
with:
7575
egress-policy:audit
7676

‎.github/workflows/docker-base.yaml‎

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -38,7 +38,7 @@ jobs:
3838
if:github.repository_owner == 'coder'
3939
steps:
4040
-name:Harden Runner
41-
uses:step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7# v2.10.1
41+
uses:step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f# v2.10.2
4242
with:
4343
egress-policy:audit
4444

‎.github/workflows/dogfood.yaml‎

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -27,7 +27,7 @@ jobs:
2727
runs-on:ubuntu-latest
2828
steps:
2929
-name:Harden Runner
30-
uses:step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7# v2.10.1
30+
uses:step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f# v2.10.2
3131
with:
3232
egress-policy:audit
3333

@@ -89,7 +89,7 @@ jobs:
8989
runs-on:ubuntu-latest
9090
steps:
9191
-name:Harden Runner
92-
uses:step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7# v2.10.1
92+
uses:step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f# v2.10.2
9393
with:
9494
egress-policy:audit
9595

‎.github/workflows/nightly-gauntlet.yaml‎

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -21,7 +21,7 @@ jobs:
2121
timeout-minutes:240
2222
steps:
2323
-name:Harden Runner
24-
uses:step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7# v2.10.1
24+
uses:step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f# v2.10.2
2525
with:
2626
egress-policy:audit
2727

@@ -53,7 +53,7 @@ jobs:
5353
timeout-minutes:10
5454
steps:
5555
-name:Harden Runner
56-
uses:step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7# v2.10.1
56+
uses:step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f# v2.10.2
5757
with:
5858
egress-policy:audit
5959

‎.github/workflows/pr-auto-assign.yaml‎

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -14,7 +14,7 @@ jobs:
1414
runs-on:ubuntu-latest
1515
steps:
1616
-name:Harden Runner
17-
uses:step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7# v2.10.1
17+
uses:step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f# v2.10.2
1818
with:
1919
egress-policy:audit
2020

‎.github/workflows/pr-cleanup.yaml‎

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -19,7 +19,7 @@ jobs:
1919
packages:write
2020
steps:
2121
-name:Harden Runner
22-
uses:step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7# v2.10.1
22+
uses:step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f# v2.10.2
2323
with:
2424
egress-policy:audit
2525

‎.github/workflows/pr-deploy.yaml‎

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -38,7 +38,7 @@ jobs:
3838
PR_OPEN:${{ steps.check_pr.outputs.pr_open }}
3939
steps:
4040
-name:Harden Runner
41-
uses:step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7# v2.10.1
41+
uses:step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f# v2.10.2
4242
with:
4343
egress-policy:audit
4444

@@ -73,7 +73,7 @@ jobs:
7373
runs-on:"ubuntu-latest"
7474
steps:
7575
-name:Harden Runner
76-
uses:step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7# v2.10.1
76+
uses:step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f# v2.10.2
7777
with:
7878
egress-policy:audit
7979

@@ -173,7 +173,7 @@ jobs:
173173
pull-requests:write# needed for commenting on PRs
174174
steps:
175175
-name:Harden Runner
176-
uses:step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7# v2.10.1
176+
uses:step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f# v2.10.2
177177
with:
178178
egress-policy:audit
179179

@@ -217,7 +217,7 @@ jobs:
217217
CODER_IMAGE_TAG:${{ needs.get_info.outputs.CODER_IMAGE_TAG }}
218218
steps:
219219
-name:Harden Runner
220-
uses:step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7# v2.10.1
220+
uses:step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f# v2.10.2
221221
with:
222222
egress-policy:audit
223223

@@ -275,7 +275,7 @@ jobs:
275275
PR_HOSTNAME:"pr${{ needs.get_info.outputs.PR_NUMBER }}.${{ secrets.PR_DEPLOYMENTS_DOMAIN }}"
276276
steps:
277277
-name:Harden Runner
278-
uses:step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7# v2.10.1
278+
uses:step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f# v2.10.2
279279
with:
280280
egress-policy:audit
281281

‎.github/workflows/release-validation.yaml‎

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -14,7 +14,7 @@ jobs:
1414

1515
steps:
1616
-name:Harden Runner
17-
uses:step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7# v2.10.1
17+
uses:step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f# v2.10.2
1818
with:
1919
egress-policy:audit
2020

‎.github/workflows/release.yaml‎

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -37,7 +37,7 @@ jobs:
3737
runs-on:${{ github.repository_owner == 'coder' && 'depot-macos-latest' || 'macos-latest' }}
3838
steps:
3939
-name:Harden Runner
40-
uses:step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7# v2.10.1
40+
uses:step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f# v2.10.2
4141
with:
4242
egress-policy:audit
4343

@@ -121,7 +121,7 @@ jobs:
121121
version:${{ steps.version.outputs.version }}
122122
steps:
123123
-name:Harden Runner
124-
uses:step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7# v2.10.1
124+
uses:step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f# v2.10.2
125125
with:
126126
egress-policy:audit
127127

@@ -508,7 +508,7 @@ jobs:
508508
# TODO: skip this if it's not a new release (i.e. a backport). This is
509509
# fine right now because it just makes a PR that we can close.
510510
-name:Harden Runner
511-
uses:step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7# v2.10.1
511+
uses:step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f# v2.10.2
512512
with:
513513
egress-policy:audit
514514

@@ -584,7 +584,7 @@ jobs:
584584

585585
steps:
586586
-name:Harden Runner
587-
uses:step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7# v2.10.1
587+
uses:step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f# v2.10.2
588588
with:
589589
egress-policy:audit
590590

@@ -674,7 +674,7 @@ jobs:
674674
if:${{ !inputs.dry_run }}
675675
steps:
676676
-name:Harden Runner
677-
uses:step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7# v2.10.1
677+
uses:step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f# v2.10.2
678678
with:
679679
egress-policy:audit
680680

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp