diff --git a/.github/workflows/audit-dev.yml b/.github/workflows/audit-dev.yml index 154ec6e6..9d2b84df 100644 --- a/.github/workflows/audit-dev.yml +++ b/.github/workflows/audit-dev.yml @@ -20,7 +20,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Harden runner - uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0 + uses: step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858 # v2.10.0 with: disable-sudo: true egress-policy: block diff --git a/.github/workflows/audit-release.yml b/.github/workflows/audit-release.yml index aca3aa9d..461762a2 100644 --- a/.github/workflows/audit-release.yml +++ b/.github/workflows/audit-release.yml @@ -12,7 +12,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Harden runner - uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0 + uses: step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858 # v2.10.0 with: disable-sudo: true egress-policy: block diff --git a/.github/workflows/checks.yml b/.github/workflows/checks.yml index 326c3e2e..6a429d66 100644 --- a/.github/workflows/checks.yml +++ b/.github/workflows/checks.yml @@ -15,7 +15,7 @@ jobs: security-events: write # To upload CodeQL results steps: - name: Harden runner - uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0 + uses: step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858 # v2.10.0 with: disable-sudo: true egress-policy: block @@ -41,7 +41,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Harden runner - uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0 + uses: step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858 # v2.10.0 with: disable-sudo: true egress-policy: block @@ -70,7 +70,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Harden runner - uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0 + uses: step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858 # v2.10.0 with: disable-sudo: true egress-policy: block @@ -99,7 +99,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Harden runner - uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0 + uses: step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858 # v2.10.0 with: disable-sudo: true egress-policy: block @@ -148,7 +148,7 @@ jobs: - transpile steps: - name: Harden runner - uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0 + uses: step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858 # v2.10.0 with: disable-sudo: true egress-policy: block @@ -193,7 +193,7 @@ jobs: - test-integration steps: - name: Harden runner - uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0 + uses: step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858 # v2.10.0 with: disable-sudo: true egress-policy: block @@ -234,7 +234,7 @@ jobs: - 22.0.0 steps: - name: Harden runner - uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0 + uses: step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858 # v2.10.0 with: disable-sudo: true egress-policy: block @@ -277,7 +277,7 @@ jobs: os: windows-2022 steps: - name: Harden runner - uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0 + uses: step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858 # v2.10.0 with: disable-sudo: false egress-policy: block @@ -326,7 +326,7 @@ jobs: os: windows-2022 steps: - name: Harden runner - uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0 + uses: step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858 # v2.10.0 with: disable-sudo: false egress-policy: block @@ -364,7 +364,7 @@ jobs: - test-unit steps: - name: Harden runner - uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0 + uses: step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858 # v2.10.0 with: disable-sudo: true egress-policy: block @@ -410,7 +410,7 @@ jobs: - test-integration steps: - name: Harden runner - uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0 + uses: step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858 # v2.10.0 with: disable-sudo: false egress-policy: block @@ -459,7 +459,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Harden runner - uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0 + uses: step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858 # v2.10.0 with: disable-sudo: true egress-policy: block @@ -488,7 +488,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Harden runner - uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0 + uses: step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858 # v2.10.0 with: disable-sudo: true egress-policy: block @@ -517,7 +517,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Harden runner - uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0 + uses: step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858 # v2.10.0 with: disable-sudo: true egress-policy: block diff --git a/.github/workflows/config-npm.yml b/.github/workflows/config-npm.yml index 03db81b5..581604ce 100644 --- a/.github/workflows/config-npm.yml +++ b/.github/workflows/config-npm.yml @@ -21,7 +21,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Harden runner - uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0 + uses: step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858 # v2.10.0 with: disable-sudo: true egress-policy: block @@ -50,7 +50,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Harden runner - uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0 + uses: step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858 # v2.10.0 with: disable-sudo: true egress-policy: block diff --git a/.github/workflows/labeler.yml b/.github/workflows/labeler.yml index 9b4254c9..4ecdd6d7 100644 --- a/.github/workflows/labeler.yml +++ b/.github/workflows/labeler.yml @@ -12,7 +12,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Harden runner - uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0 + uses: step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858 # v2.10.0 with: disable-sudo: true egress-policy: block diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml index 5f8d14ba..29247994 100644 --- a/.github/workflows/nightly.yml +++ b/.github/workflows/nightly.yml @@ -22,7 +22,7 @@ jobs: os: windows-2022 steps: - name: Harden runner - uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0 + uses: step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858 # v2.10.0 with: disable-sudo: false egress-policy: block @@ -67,7 +67,7 @@ jobs: pull-requests: write # To open a Pull Request steps: - name: Harden runner - uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0 + uses: step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858 # v2.10.0 with: disable-sudo: true egress-policy: block diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 56f992ab..adea60d7 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -16,7 +16,7 @@ jobs: version: ${{ steps.version.outputs.version }} steps: - name: Harden runner - uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0 + uses: step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858 # v2.10.0 with: disable-sudo: true egress-policy: block @@ -65,7 +65,7 @@ jobs: contents: write # To push a ref steps: - name: Harden runner - uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0 + uses: step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858 # v2.10.0 with: disable-sudo: true egress-policy: block @@ -109,7 +109,7 @@ jobs: contents: write # To create a GitHub Release steps: - name: Harden runner - uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0 + uses: step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858 # v2.10.0 with: disable-sudo: true egress-policy: block @@ -138,7 +138,7 @@ jobs: - check steps: - name: Harden runner - uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0 + uses: step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858 # v2.10.0 with: disable-sudo: true egress-policy: block diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index c57ca918..27ba5075 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -22,7 +22,7 @@ jobs: pull-requests: write # To open a Pull Request steps: - name: Harden runner - uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0 + uses: step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858 # v2.10.0 with: disable-sudo: true egress-policy: block diff --git a/.github/workflows/reusable-fuzz.yml b/.github/workflows/reusable-fuzz.yml index 38505a8c..508da834 100644 --- a/.github/workflows/reusable-fuzz.yml +++ b/.github/workflows/reusable-fuzz.yml @@ -28,7 +28,7 @@ jobs: target: ${{ fromJson(inputs.targets) }} steps: - name: Harden runner - uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0 + uses: step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858 # v2.10.0 with: egress-policy: block allowed-endpoints: > diff --git a/.github/workflows/secrets.yml b/.github/workflows/secrets.yml index b0179a94..c207628e 100644 --- a/.github/workflows/secrets.yml +++ b/.github/workflows/secrets.yml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Harden runner - uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0 + uses: step-security/harden-runner@446798f8213ac2e75931c1b0769676d927801858 # v2.10.0 with: disable-sudo: true egress-policy: block