From d4b75f9b8bf2e58a16d7e57edd2374d9d9da2a01 Mon Sep 17 00:00:00 2001
From: Ludy87
Date: Fri, 10 Jan 2025 12:09:26 +0100
Subject: [PATCH] Add: Harden Runner
---
 .github/workflows/releaseArtifacts.yml | 10 ++++++++++
 1 file changed, 10 insertions(+)
diff --git a/.github/workflows/releaseArtifacts.yml b/.github/workflows/releaseArtifacts.yml
index 757d2f32854..4916c56eb89 100644
--- a/.github/workflows/releaseArtifacts.yml
+++ b/.github/workflows/releaseArtifacts.yml
@@ -82,6 +82,11 @@ jobs:
 - enable_security: false
 file_suffix: ""
 steps:
+ - name: Harden Runner
+ uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3
+ with:
+ egress-policy: audit
+
 - name: Download build artifacts
 uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
 with:
@@ -155,6 +160,11 @@ jobs:
 - enable_security: false
 file_suffix: ""
 steps:
+ - name: Harden Runner
+ uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3
+ with:
+ egress-policy: audit
+
 - name: Download signed artifacts
 uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
 with:
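Review bot: `egress-policy: audit` in the added Harden Runner step only logs outbound connections, so in both hunks (the job that downloads build artifacts and the one that downloads signed artifacts) the step gives visibility but no enforcement while release artifacts are handled. Once the audit runs show which hosts these jobs actually contact, I would change the input to `egress-policy: block` and add an `allowed-endpoints:` list built from that baseline; until then a comment such as `# audit only for now: move to block + allowed-endpoints after reviewing the baseline` keeps the follow-up visible. Placing the step first and pinning it to a full commit SHA are both right. Both `steps:` lists continue outside the hunks and jobs defined before line 82 are not visible here, so it is worth confirming that every job in this workflow, not only these two, starts with the same step.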