From b8ee861cbce5ca1e8463f73c4bc94d44cb015acd Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 17 Nov 2023 20:00:18 +1300 Subject: [PATCH] chore(deps): update step-security/harden-runner action to v2.6.1 (#101) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![Mend Renovate logo banner](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [step-security/harden-runner](https://togithub.com/step-security/harden-runner) | action | patch | `v2.6.0` -> `v2.6.1` | --- ### Release Notes
step-security/harden-runner (step-security/harden-runner) ### [`v2.6.1`](https://togithub.com/step-security/harden-runner/releases/tag/v2.6.1) [Compare Source](https://togithub.com/step-security/harden-runner/compare/v2.6.0...v2.6.1) ##### What's Changed Release v2.6.1 by [@​varunsh-coder](https://togithub.com/varunsh-coder) and [@​h0x0er](https://togithub.com/h0x0er) in [https://github.com/step-security/harden-runner/pull/356](https://togithub.com/step-security/harden-runner/pull/356) This release: 1. Improves the job summary markdown written by the Harden-Runner Action 2. Improves detection of cache endpoint used by the job 3. Detects use of Kubernetes mode in Actions Runner Controller (ARC) based runners 4. Updates dependencies **Full Changelog**: https://github.com/step-security/harden-runner/compare/v2...v2.6.1
--- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/Tuhura-Tech/Wiki). Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- .github/workflows/lint-pr.yml | 2 +- .github/workflows/scoreboard-security.yml | 2 +- .github/workflows/trufflehog.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/lint-pr.yml b/.github/workflows/lint-pr.yml index f88816c3..ccfcec13 100644 --- a/.github/workflows/lint-pr.yml +++ b/.github/workflows/lint-pr.yml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423 # v2.6.0 + uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 with: disable-sudo: true disable-file-monitoring: true diff --git a/.github/workflows/scoreboard-security.yml b/.github/workflows/scoreboard-security.yml index 00a15e6b..912dbc09 100644 --- a/.github/workflows/scoreboard-security.yml +++ b/.github/workflows/scoreboard-security.yml @@ -23,7 +23,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423 # v2.6.0 + uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 with: disable-sudo: true egress-policy: block diff --git a/.github/workflows/trufflehog.yml b/.github/workflows/trufflehog.yml index 892aac3d..a0ce4658 100644 --- a/.github/workflows/trufflehog.yml +++ b/.github/workflows/trufflehog.yml @@ -10,7 +10,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423 # v2.6.0 + uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 with: disable-sudo: true egress-policy: audit