From cccc7c3b4c8dadd9d20a47cb148cc34885743d1c Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 5 Sep 2024 08:07:39 +1000 Subject: [PATCH] chore(deps): update step-security/harden-runner action to v2.9.1 (#645) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
---
 .github/workflows/bank.f5labs.dev-k6-tests.yaml | 2 +-
 .github/workflows/bank.f5labs.dev-zap-baseline.yml | 2 +-
 .github/workflows/bank.f5labs.dev-zap-full.yml | 2 +-
 .github/workflows/github-issue-labeler.yml | 2 +-
 .github/workflows/github-tag-for-deployment.yml | 2 +-
 .github/workflows/gql.f5labs.dev-zap-baseline.yml | 2 +-
 .github/workflows/gql.f5labs.dev-zap-full.yml | 2 +-
 .github/workflows/hapi.f5labs.dev-newman-tests.yaml | 2 +-
 .github/workflows/hapi.f5labs.dev-zap-api.yml | 2 +-
 .github/workflows/hapi.f5labs.dev-zap-baseline.yml | 2 +-
 .github/workflows/hapi.f5labs.dev-zap-full.yml | 2 +-
 .github/workflows/secops-code-scan.yml | 2 +-
 .github/workflows/secops-dependency-review.yml | 2 +-
 .github/workflows/secops-scorecard.yml | 2 +-
 14 files changed, 14 insertions(+), 14 deletions(-)
diff --git a/.github/workflows/bank.f5labs.dev-k6-tests.yaml b/.github/workflows/bank.f5labs.dev-k6-tests.yaml
index 49570f88d..35d38b905 100644
--- a/.github/workflows/bank.f5labs.dev-k6-tests.yaml
+++ b/.github/workflows/bank.f5labs.dev-k6-tests.yaml
@@ -9,7 +9,7 @@ jobs:
 runs-on: ubuntu-latest
 steps:
 - name: Harden Runner
- uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
+ uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
 with:
 disable-sudo: true
 egress-policy: block
diff --git a/.github/workflows/bank.f5labs.dev-zap-baseline.yml b/.github/workflows/bank.f5labs.dev-zap-baseline.yml
index 741b207bd..6a5a356b6 100644
--- a/.github/workflows/bank.f5labs.dev-zap-baseline.yml
+++ b/.github/workflows/bank.f5labs.dev-zap-baseline.yml
@@ -14,7 +14,7 @@ jobs:
 issues: write
 steps:
 - name: Harden Runner
- uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
+ uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
 with:
 egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
 - name: ZAP Scan
diff --git a/.github/workflows/bank.f5labs.dev-zap-full.yml b/.github/workflows/bank.f5labs.dev-zap-full.yml
index fbd63a3c0..b7db86b5c 100644
--- a/.github/workflows/bank.f5labs.dev-zap-full.yml
+++ b/.github/workflows/bank.f5labs.dev-zap-full.yml
@@ -14,7 +14,7 @@ jobs:
 issues: write
 steps:
 - name: Harden Runner
- uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
+ uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
 with:
 egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
 - name: ZAP Scan
diff --git a/.github/workflows/github-issue-labeler.yml b/.github/workflows/github-issue-labeler.yml
index 712bfa618..572d7075e 100644
--- a/.github/workflows/github-issue-labeler.yml
+++ b/.github/workflows/github-issue-labeler.yml
@@ -13,7 +13,7 @@ jobs:
 runs-on: ubuntu-latest
 steps:
 - name: Harden Runner
- uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
+ uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
 with:
 egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
 - uses: github/issue-labeler@v3.4 #May not be the latest version
diff --git a/.github/workflows/github-tag-for-deployment.yml b/.github/workflows/github-tag-for-deployment.yml
index ee249ab51..82381aa84 100644
--- a/.github/workflows/github-tag-for-deployment.yml
+++ b/.github/workflows/github-tag-for-deployment.yml
@@ -14,7 +14,7 @@ jobs:
 runs-on: ubuntu-latest
 steps:
 - name: Harden Runner
- uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
+ uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
 with:
 egress-policy: audit
 - name: Checkout repository
diff --git a/.github/workflows/gql.f5labs.dev-zap-baseline.yml b/.github/workflows/gql.f5labs.dev-zap-baseline.yml
index 20ef0868c..29f84dcdb 100644
--- a/.github/workflows/gql.f5labs.dev-zap-baseline.yml
+++ b/.github/workflows/gql.f5labs.dev-zap-baseline.yml
@@ -14,7 +14,7 @@ jobs:
 issues: write
 steps:
 - name: Harden Runner
- uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
+ uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
 with:
 egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
 - name: ZAP Scan
diff --git a/.github/workflows/gql.f5labs.dev-zap-full.yml b/.github/workflows/gql.f5labs.dev-zap-full.yml
index b6c1e5074..f8f41f429 100644
--- a/.github/workflows/gql.f5labs.dev-zap-full.yml
+++ b/.github/workflows/gql.f5labs.dev-zap-full.yml
@@ -14,7 +14,7 @@ jobs:
 issues: write
 steps:
 - name: Harden Runner
- uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
+ uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
 with:
 egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
 - name: ZAP Scan
diff --git a/.github/workflows/hapi.f5labs.dev-newman-tests.yaml b/.github/workflows/hapi.f5labs.dev-newman-tests.yaml
index c228f4b3b..343d46e2b 100644
--- a/.github/workflows/hapi.f5labs.dev-newman-tests.yaml
+++ b/.github/workflows/hapi.f5labs.dev-newman-tests.yaml
@@ -9,7 +9,7 @@ jobs:
 runs-on: ubuntu-latest
 steps:
 - name: Harden Runner
- uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
+ uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
 with:
 disable-sudo: true
 egress-policy: block
diff --git a/.github/workflows/hapi.f5labs.dev-zap-api.yml b/.github/workflows/hapi.f5labs.dev-zap-api.yml
index dd00330eb..a35b462e0 100644
--- a/.github/workflows/hapi.f5labs.dev-zap-api.yml
+++ b/.github/workflows/hapi.f5labs.dev-zap-api.yml
@@ -14,7 +14,7 @@ jobs:
 issues: write
 steps:
 - name: Harden Runner
- uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
+ uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
 with:
 egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
 - name: Checkout
diff --git a/.github/workflows/hapi.f5labs.dev-zap-baseline.yml b/.github/workflows/hapi.f5labs.dev-zap-baseline.yml
index 3cfa85e2f..6b7046723 100644
--- a/.github/workflows/hapi.f5labs.dev-zap-baseline.yml
+++ b/.github/workflows/hapi.f5labs.dev-zap-baseline.yml
@@ -14,7 +14,7 @@ jobs:
 issues: write
 steps:
 - name: Harden Runner
- uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
+ uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
 with:
 egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
 - name: ZAP Scan
diff --git a/.github/workflows/hapi.f5labs.dev-zap-full.yml b/.github/workflows/hapi.f5labs.dev-zap-full.yml
index c916105c8..308b62f89 100644
--- a/.github/workflows/hapi.f5labs.dev-zap-full.yml
+++ b/.github/workflows/hapi.f5labs.dev-zap-full.yml
@@ -14,7 +14,7 @@ jobs:
 issues: write
 steps:
 - name: Harden Runner
- uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
+ uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
 with:
 egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
 - name: ZAP Scan
diff --git a/.github/workflows/secops-code-scan.yml b/.github/workflows/secops-code-scan.yml
index 66fbe8261..28509e4fa 100644
--- a/.github/workflows/secops-code-scan.yml
+++ b/.github/workflows/secops-code-scan.yml
@@ -29,7 +29,7 @@ jobs:
 runs-on: ubuntu-latest
 steps:
 - name: Harden Runner
- uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
+ uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
 with:
 disable-sudo: true
 egress-policy: block
diff --git a/.github/workflows/secops-dependency-review.yml b/.github/workflows/secops-dependency-review.yml
index f25511c06..90686af29 100644
--- a/.github/workflows/secops-dependency-review.yml
+++ b/.github/workflows/secops-dependency-review.yml
@@ -15,7 +15,7 @@ jobs:
 runs-on: ubuntu-latest
 steps:
 - name: Harden Runner
- uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
+ uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
 with:
 disable-sudo: true
 egress-policy: block
diff --git a/.github/workflows/secops-scorecard.yml b/.github/workflows/secops-scorecard.yml
index 0ae676917..c632e07cc 100644
--- a/.github/workflows/secops-scorecard.yml
+++ b/.github/workflows/secops-scorecard.yml
@@ -28,7 +28,7 @@ jobs:
 actions: read
 steps:
 - name: Harden Runner
- uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
+ uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
 with:
 egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
 - name: "Checkout code"