From b6256fa8411a639ad7cb1981ba39621159babd26 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 3 Feb 2025 05:08:34 +0000 Subject: [PATCH] chore(deps): bump step-security/harden-runner from 2.10.0 to 2.10.4 Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.10.0 to 2.10.4. - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](https://github.com/step-security/harden-runner/compare/446798f8213ac2e75931c1b0769676d927801858...cb605e52c26070c328afc4562f0b4ada7618a84e) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- .github/workflows/codeql.yml | 2 +- .github/workflows/contracts-testing.yml | 2 +- .github/workflows/dependency-review.yml | 2 +- .github/workflows/deploy-bots.yml | 2 +- .github/workflows/deploy-subgraph.yml | 2 +- .github/workflows/scorecards.yml | 2 +- .github/workflows/sentry-release.yml | 2 +- .github/workflows/sonarcloud.yml | 2 +- 8 files changed, 8 insertions(+), 8 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index eb1ca0ce8..c7b088412 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -38,7 +38,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858 # v2.10.3 + uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.3 with: egress-policy: audit diff --git a/.github/workflows/contracts-testing.yml b/.github/workflows/contracts-testing.yml index 0bde272b7..7298a9fbc 100644 --- a/.github/workflows/contracts-testing.yml +++ b/.github/workflows/contracts-testing.yml @@ -24,7 +24,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858 # v2.10.3 + uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.3 with: disable-sudo: true egress-policy: block diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index 2076bb0a3..07757cbed 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -19,7 +19,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858 # v2.10.3 + uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.3 with: disable-sudo: true egress-policy: block diff --git a/.github/workflows/deploy-bots.yml b/.github/workflows/deploy-bots.yml index 4794efaad..fe6b2b7d5 100644 --- a/.github/workflows/deploy-bots.yml +++ b/.github/workflows/deploy-bots.yml @@ -8,7 +8,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858 # v2.10.3 + uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.3 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs diff --git a/.github/workflows/deploy-subgraph.yml b/.github/workflows/deploy-subgraph.yml index ea0963dcc..e72d1e9fb 100644 --- a/.github/workflows/deploy-subgraph.yml +++ b/.github/workflows/deploy-subgraph.yml @@ -35,7 +35,7 @@ jobs: environment: ${{ inputs.graph_environment }} steps: - name: Harden Runner - uses: step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858 # v2.10.3 + uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.3 with: egress-policy: audit diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index fcb8916f4..260f277fd 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -32,7 +32,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858 # v2.10.3 + uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.3 with: disable-sudo: true egress-policy: block diff --git a/.github/workflows/sentry-release.yml b/.github/workflows/sentry-release.yml index 3f6ae2d50..96ff110e0 100644 --- a/.github/workflows/sentry-release.yml +++ b/.github/workflows/sentry-release.yml @@ -17,7 +17,7 @@ jobs: version: ${{ steps.set-version.outputs.version }} steps: - name: Harden Runner - uses: step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858 # v2.10.3 + uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.3 with: disable-sudo: true egress-policy: block diff --git a/.github/workflows/sonarcloud.yml b/.github/workflows/sonarcloud.yml index bea307bb3..b702f95e4 100644 --- a/.github/workflows/sonarcloud.yml +++ b/.github/workflows/sonarcloud.yml @@ -19,7 +19,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858 # v2.10.3 + uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.3 with: egress-policy: audit