Skip to content

chore: update step-security/harden-runner action to v2.12.1 #131

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

chore: update step-security/harden-runner action to v2.12.1 #131

wants to merge 1 commit into from

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Jan 9, 2025
edited
Loading

This PR contains the following updates:

Package Type Update Change
step-security/harden-runner action minor v2.10.2 -> v2.12.1

Release Notes

step-security/harden-runner (step-security/harden-runner)

v2.12.1

Compare Source

What's Changed
  • Detection capabilities have been upgraded to better recognize attempts at runner tampering. These improvements are informed by real-world incident learnings, including analysis of anomalous behaviors observed in the tj-actions and reviewdog supply chain attack.
  • Resolved an issue where the block policy was not enforced correctly when the GitHub Actions job was running inside a container on a self-hosted VM runner.

Full Changelog: step-security/harden-runner@v2...v2.12.1

v2.12.0

Compare Source

What's Changed

  1. A new option, disable-sudo-and-containers, is now available to replace the disable-sudo policy, addressing Docker-based privilege escalation (CVE-2025-32955). More details can be found in this blog post.

  2. New detections have been added based on insights from the tj-actions and reviewdog actions incidents.

Full Changelog: step-security/harden-runner@v2...v2.12.0

v2.11.1

Compare Source

What's Changed

Full Changelog: step-security/harden-runner@v2...v2.11.1

v2.11.0

Compare Source

What's Changed

Release v2.11.0 in #​498
Harden-Runner Enterprise tier now supports the use of eBPF for DNS resolution and network call monitoring

Full Changelog: step-security/harden-runner@v2...v2.11.0

v2.10.4

Compare Source

What's Changed

Fixed a potential Harden-Runner post step failure that could occur when printing agent service logs. The fix gracefully handles failures without failing the post step.

Full Changelog: step-security/harden-runner@v2...v2.10.4

v2.10.3

Compare Source

What's Changed

Fixed an issue where DNS requests using uppercase characters (e.g., EXAMPLE.com) were blocked even when the domain was present in the allowed list. This update standardizes domain names to lowercase for consistent comparison.

Full Changelog: step-security/harden-runner@v2...v2.10.3

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot added the dependencies label Jan 9, 2025
@renovate renovate bot force-pushed the renovate/step-security-harden-runner-2.x branch from 4a0a726 to 090a168 Compare January 20, 2025 01:36
@renovate renovate bot changed the title chore: update step-security/harden-runner action to v2.10.3 chore: update step-security/harden-runner action to v2.10.4 Jan 20, 2025
@renovate renovate bot force-pushed the renovate/step-security-harden-runner-2.x branch from 090a168 to 81b408d Compare February 17, 2025 03:32
@renovate renovate bot changed the title chore: update step-security/harden-runner action to v2.10.4 chore: update step-security/harden-runner action to v2.11.0 Feb 17, 2025
@renovate renovate bot force-pushed the renovate/step-security-harden-runner-2.x branch 3 times, most recently from fba926e to 6762c00 Compare March 17, 2025 16:13
@renovate renovate bot force-pushed the renovate/step-security-harden-runner-2.x branch 2 times, most recently from ad624bc to 6ebd719 Compare March 31, 2025 23:54
@renovate renovate bot changed the title chore: update step-security/harden-runner action to v2.11.0 chore: update step-security/harden-runner action to v2.11.1 Apr 1, 2025
@renovate renovate bot force-pushed the renovate/step-security-harden-runner-2.x branch 2 times, most recently from 9a33ce8 to d750d95 Compare April 7, 2025 03:02
@renovate renovate bot force-pushed the renovate/step-security-harden-runner-2.x branch 2 times, most recently from 2d3a3c4 to fe415c9 Compare April 15, 2025 01:10
@renovate renovate bot changed the title chore: update step-security/harden-runner action to v2.11.1 chore: update step-security/harden-runner action to v2.12.0 Apr 21, 2025
@renovate renovate bot force-pushed the renovate/step-security-harden-runner-2.x branch from fe415c9 to e75de74 Compare April 21, 2025 23:08
@renovate renovate bot force-pushed the renovate/step-security-harden-runner-2.x branch 2 times, most recently from 088e51c to 1bd97bb Compare May 22, 2025 19:43
@renovate renovate bot force-pushed the renovate/step-security-harden-runner-2.x branch from 1bd97bb to 370518a Compare June 10, 2025 03:12
@renovate
chore: update step-security/harden-runner action to v2.12.1
e175a01 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
@renovate renovate bot changed the title chore: update step-security/harden-runner action to v2.12.0 chore: update step-security/harden-runner action to v2.12.1 Jun 11, 2025
@renovate renovate bot force-pushed the renovate/step-security-harden-runner-2.x branch from 370518a to e175a01 Compare June 11, 2025 16:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants