From 2241e2c1f233969a6650849d38fcf7f8b566aa16 Mon Sep 17 00:00:00 2001 From: Ludy Date: Fri, 10 Jan 2025 12:25:40 +0100 Subject: [PATCH] Add: Harden Runner (#2661) # Description Please provide a summary of the changes, including relevant motivation and context. Closes #(issue_number) ## Checklist - [x] I have read the [Contribution Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md) - [x] I have performed a self-review of my own code - [ ] I have attached images of the change if it is UI based - [ ] I have commented my code, particularly in hard-to-understand areas - [ ] If my code has heavily changed functionality I have updated relevant docs on [Stirling-PDFs doc repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/) - [x] My changes generate no new warnings - [ ] I have read the section [Add New Translation Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md#add-new-translation-tags) (for new translation tags only) --- .github/workflows/releaseArtifacts.yml | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/.github/workflows/releaseArtifacts.yml b/.github/workflows/releaseArtifacts.yml index 757d2f32854..4916c56eb89 100644 --- a/.github/workflows/releaseArtifacts.yml +++ b/.github/workflows/releaseArtifacts.yml @@ -82,6 +82,11 @@ jobs: - enable_security: false file_suffix: "" steps: + - name: Harden Runner + uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3 + with: + egress-policy: audit + - name: Download build artifacts uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: @@ -155,6 +160,11 @@ jobs: - enable_security: false file_suffix: "" steps: + - name: Harden Runner + uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3 + with: + egress-policy: audit + - name: Download signed artifacts uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: