Bump step-security/harden-runner from 2.13.2 to 2.13.3#147
Closed
dependabot[bot] wants to merge 1 commit intomasterfrom
Closed
Bump step-security/harden-runner from 2.13.2 to 2.13.3#147dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot[bot] wants to merge 1 commit intomasterfrom
Conversation
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.13.2 to 2.13.3. - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](step-security/harden-runner@95d9a5d...df199fb) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-version: 2.13.3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
Bot
added
dependencies
|
PR: #147 |
|
Change raised in Gerrit by GitHub2Gerrit: https://gerrit.onap.org/r/c/portal-ng/ui/+/142682 |
|
Auto-closing pull request |
Contributor
Author
|
OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting If you change your mind, just re-open this PR and I'll resolve any conflicts on it. |
dependabot
Bot
deleted the
dependabot/github_actions/step-security/harden-runner-2.13.3
branch
onap-github
pushed a commit
that referenced
this pull request
Dec 8, 2025
## Release notes Sourced from step-security/harden-runner's releases. v2.13.3 What's Changed Fixed an issue where process events were not uploaded in certain edge cases. Full Changelog: step-security/harden-runner@v2.13.2...v2.13.3 ## Commits df199fb Merge pull request #620 from step-security/rc-29 03d096a update agent 4090107 fix: update agent See full diff in compare view  Issue-ID: CIMAN-33 Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: onap.gh2gerrit <releng+onap-gh2gerrit@linuxfoundation.org> Change-Id: I077fe248ca7afeede5145880a33be47d8ebf7dad GitHub-PR: #147 GitHub-Hash: 3195e4abb3bfe067
onap-github
pushed a commit
that referenced
this pull request
Mar 10, 2026
## Release notes Sourced from lfreleng-actions/github2gerrit-action's releases. v1.0.8 New Features Feat: Implement fallback missing change creation @ModeSevenIndustrialSolutions (#145) Maintenance Chore: pre-commit autoupdate @pre-commit-ci[bot] (#150) Chore: Bump ruff from 0.15.2 to 0.15.4 @dependabot[bot] (#149) Chore: Bump actions/upload-artifact from 6.0.0 to 7.0.0 @dependabot[bot] (#148) Chore: Bump astral-sh/setup-uv from 7.3.0 to 7.3.1 @dependabot[bot] (#147) Chore: Bump actions/download-artifact from 7.0.0 to 8.0.0 @dependabot[bot] (#146) Links Submit bugs/feature requests v1.0.7 New Features Feat: Improve CI workflows, PR trigger support, and test reliability @ModeSevenIndustrialSolutions (#144) Maintenance Chore: Bump typer from 0.24.0 to 0.24.1 @dependabot[bot] (#139) Chore: pre-commit autoupdate @pre-commit-ci[bot] (#140) Chore: Bump lfreleng-actions/pypi-publish-action from 0.1.4 to 0.1.5 @dependabot[bot] (#141) Chore: Bump step-security/harden-runner from 2.14.2 to 2.15.0 @dependabot[bot] (#142) Chore: Bump hatchling from 1.28.0 to 1.29.0 @dependabot[bot] (#143) Links Submit bugs/feature requests v1.0.6 Bug Fixes Fix: Add shallow clone deepening fallback for git merge --squash @ModeSevenIndustrialSolutions (#134) Maintenance Chore: Bump step-security/harden-runner from 2.14.1 to 2.14.2 @dependabot[bot] (#124) Chore: Bump lfreleng-actions/python-build-action from 1.0.2 to 1.0.3 @dependabot[bot] (#128) Chore: Bump astral-sh/setup-uv from 7.2.1 to 7.3.0 @dependabot[bot] (#126) Chore: Bump anchore/scan-action from 7.3.1 to 7.3.2 @dependabot[bot] (#125) Chore: Bump ruff from 0.14.14 to 0.15.0 @dependabot[bot] (#127) Chore: pre-commit autoupdate @pre-commit-ci[bot] (#129) Chore: pre-commit autoupdate @pre-commit-ci[bot] (#132) Chore: Bump typer from 0.21.1 to 0.23.1 @dependabot[bot] (#130) Chore: Bump ruff from 0.15.0 to 0.15.1 @dependabot[bot] (#131) Chore: Bump responses from 0.25.8 to 0.26.0 @dependabot[bot] (#138) Chore: Bump ruff from 0.15.1 to 0.15.2 @dependabot[bot] (#137) ... (truncated) ## Commits de84770 Merge pull request #145 from modeseven-lfreleng-actions/implement-keyword-com dbc56c4 Fix: Respect CLI flag precedence and correct match ordering 7c645ad Fix: Add missing negation flags for boolean CLI options ef32b3c Fix: SSH back-reference comments and shallow clone warning 01aa460 Chore: Fix emoji rendering in terminal progress output f09be43 Merge pull request #146 from lfreleng-actions/dependabot/github_actions/actio 7aaa866 Merge pull request #147 from lfreleng-actions/dependabot/github_actions/astra ffe24a2 Merge pull request #148 from lfreleng-actions/dependabot/github_actions/actio cc4fc6d Merge pull request #149 from lfreleng-actions/dependabot/uv/ruff-0.15.4 1f9db2a Merge pull request #150 from lfreleng-actions/pre-commit-ci-update-config Additional commits viewable in compare view  Issue-ID: CIMAN-33 Signed-off-by: dependabot[bot] <support@github.com> Change-Id: I40c890ac825105edb5259800a58298d48d40ada2 GitHub-PR: #168 GitHub-Hash: 148d333d2b3a91d2 Signed-off-by: onap.gh2gerrit <releng+onap-gh2gerrit@linuxfoundation.org>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps step-security/harden-runner from 2.13.2 to 2.13.3.
Release notes
Sourced from step-security/harden-runner's releases.
Commits
df199fbMerge pull request #620 from step-security/rc-2903d096aupdate agent4090107fix: update agentDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)