diff --git a/.github/workflows/ci-test.yaml b/.github/workflows/ci-test.yaml index 8589fa62..594874b0 100644 --- a/.github/workflows/ci-test.yaml +++ b/.github/workflows/ci-test.yaml @@ -18,7 +18,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0 + uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0 with: disable-sudo: true egress-policy: block diff --git a/.github/workflows/comment-test.yaml b/.github/workflows/comment-test.yaml index 5dc4bdfb..5abcc0d3 100644 --- a/.github/workflows/comment-test.yaml +++ b/.github/workflows/comment-test.yaml @@ -19,7 +19,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0 + uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0 with: disable-sudo: true egress-policy: block @@ -81,7 +81,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0 + uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0 with: disable-sudo: true egress-policy: block diff --git a/.github/workflows/gitleaks-workflow.yaml b/.github/workflows/gitleaks-workflow.yaml index 138f7d63..90897f18 100644 --- a/.github/workflows/gitleaks-workflow.yaml +++ b/.github/workflows/gitleaks-workflow.yaml @@ -28,7 +28,7 @@ jobs: steps: # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it - name: Harden Runner - uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0 + uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0 with: disable-sudo: true egress-policy: block diff --git a/.github/workflows/review-trivyignore.yaml b/.github/workflows/review-trivyignore.yaml index c20d44ee..b0d4d122 100644 --- a/.github/workflows/review-trivyignore.yaml +++ b/.github/workflows/review-trivyignore.yaml @@ -25,7 +25,7 @@ jobs: steps: - name: Harden the runner - uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0 + uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0 with: egress-policy: audit diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index 11c57f1f..630414b6 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -26,7 +26,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0 + uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0 with: disable-sudo: true egress-policy: block diff --git a/.github/workflows/sonarcloud.yaml b/.github/workflows/sonarcloud.yaml index 7048f5e0..9f175137 100644 --- a/.github/workflows/sonarcloud.yaml +++ b/.github/workflows/sonarcloud.yaml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0 + uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0 with: disable-sudo: true egress-policy: block diff --git a/.github/workflows/trivy.yaml b/.github/workflows/trivy.yaml index 72369cf0..5bbad7e4 100644 --- a/.github/workflows/trivy.yaml +++ b/.github/workflows/trivy.yaml @@ -33,7 +33,7 @@ jobs: pull-requests: write steps: - name: Harden the runner - uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0 + uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0 with: egress-policy: block allowed-endpoints: > @@ -209,7 +209,7 @@ jobs: steps: - name: Harden the runner - uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0 + uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0 with: egress-policy: block allowed-endpoints: >