diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 467ce9b8..e335cc58 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -40,7 +40,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@03bee3930647ebbf994244c21ddbc0d4933aab4f + uses: step-security/harden-runner@6b3083af2869dc3314a0257a42f4af696cc79ba3 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs diff --git a/.github/workflows/pr_build.yml b/.github/workflows/pr_build.yml index a1c51efc..93bec8ba 100644 --- a/.github/workflows/pr_build.yml +++ b/.github/workflows/pr_build.yml @@ -12,7 +12,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@03bee3930647ebbf994244c21ddbc0d4933aab4f + uses: step-security/harden-runner@6b3083af2869dc3314a0257a42f4af696cc79ba3 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index 0738b276..ac4ddd2b 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -26,7 +26,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@03bee3930647ebbf994244c21ddbc0d4933aab4f + uses: step-security/harden-runner@6b3083af2869dc3314a0257a42f4af696cc79ba3 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml index 92815402..091a6afa 100644 --- a/.github/workflows/trivy.yml +++ b/.github/workflows/trivy.yml @@ -17,7 +17,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@03bee3930647ebbf994244c21ddbc0d4933aab4f + uses: step-security/harden-runner@6b3083af2869dc3314a0257a42f4af696cc79ba3 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs