From aced227ebf6baa427afa17270cf7ce45a651cd88 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 17 Nov 2023 17:46:56 +1100 Subject: [PATCH] chore(deps): update step-security/harden-runner action to v2.6.1 (#549) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- .github/workflows/bank.f5labs.dev-k6-tests.yaml | 2 +- .github/workflows/bank.f5labs.dev-zap-baseline.yml | 2 +- .github/workflows/bank.f5labs.dev-zap-full.yml | 2 +- .github/workflows/github-issue-labeler.yml | 2 +- .github/workflows/github-tag-for-deployment.yml | 2 +- .github/workflows/gql.f5labs.dev-zap-baseline.yml | 2 +- .github/workflows/gql.f5labs.dev-zap-full.yml | 2 +- .github/workflows/hapi.f5labs.dev-newman-tests.yaml | 2 +- .github/workflows/hapi.f5labs.dev-zap-api.yml | 2 +- .github/workflows/hapi.f5labs.dev-zap-baseline.yml | 2 +- .github/workflows/hapi.f5labs.dev-zap-full.yml | 2 +- .github/workflows/secops-code-scan.yml | 2 +- .github/workflows/secops-dependency-review.yml | 2 +- .github/workflows/secops-scorecard.yml | 2 +- 14 files changed, 14 insertions(+), 14 deletions(-) diff --git a/.github/workflows/bank.f5labs.dev-k6-tests.yaml b/.github/workflows/bank.f5labs.dev-k6-tests.yaml index 1143e8ac7..b6087644e 100644 --- a/.github/workflows/bank.f5labs.dev-k6-tests.yaml +++ b/.github/workflows/bank.f5labs.dev-k6-tests.yaml @@ -9,7 +9,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423 # v2.6.0 + uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 with: disable-sudo: true egress-policy: block diff --git a/.github/workflows/bank.f5labs.dev-zap-baseline.yml b/.github/workflows/bank.f5labs.dev-zap-baseline.yml index c12e1cf7e..a7f41bc65 100644 --- a/.github/workflows/bank.f5labs.dev-zap-baseline.yml +++ b/.github/workflows/bank.f5labs.dev-zap-baseline.yml @@ -14,7 +14,7 @@ jobs: issues: write steps: - name: Harden Runner - uses: step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423 # v2.6.0 + uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: ZAP Scan diff --git a/.github/workflows/bank.f5labs.dev-zap-full.yml b/.github/workflows/bank.f5labs.dev-zap-full.yml index a96d4811a..bbabf9b28 100644 --- a/.github/workflows/bank.f5labs.dev-zap-full.yml +++ b/.github/workflows/bank.f5labs.dev-zap-full.yml @@ -14,7 +14,7 @@ jobs: issues: write steps: - name: Harden Runner - uses: step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423 # v2.6.0 + uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: ZAP Scan diff --git a/.github/workflows/github-issue-labeler.yml b/.github/workflows/github-issue-labeler.yml index 051c147ab..fea80d7a9 100644 --- a/.github/workflows/github-issue-labeler.yml +++ b/.github/workflows/github-issue-labeler.yml @@ -13,7 +13,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423 # v2.6.0 + uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - uses: github/issue-labeler@v3.3 #May not be the latest version diff --git a/.github/workflows/github-tag-for-deployment.yml b/.github/workflows/github-tag-for-deployment.yml index fbb09a048..4734daeff 100644 --- a/.github/workflows/github-tag-for-deployment.yml +++ b/.github/workflows/github-tag-for-deployment.yml @@ -14,7 +14,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423 # v2.6.0 + uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 with: egress-policy: audit - name: Checkout repository diff --git a/.github/workflows/gql.f5labs.dev-zap-baseline.yml b/.github/workflows/gql.f5labs.dev-zap-baseline.yml index 39532fa34..554d2e14b 100644 --- a/.github/workflows/gql.f5labs.dev-zap-baseline.yml +++ b/.github/workflows/gql.f5labs.dev-zap-baseline.yml @@ -14,7 +14,7 @@ jobs: issues: write steps: - name: Harden Runner - uses: step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423 # v2.6.0 + uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: ZAP Scan diff --git a/.github/workflows/gql.f5labs.dev-zap-full.yml b/.github/workflows/gql.f5labs.dev-zap-full.yml index 7524ab62f..57f23fb02 100644 --- a/.github/workflows/gql.f5labs.dev-zap-full.yml +++ b/.github/workflows/gql.f5labs.dev-zap-full.yml @@ -14,7 +14,7 @@ jobs: issues: write steps: - name: Harden Runner - uses: step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423 # v2.6.0 + uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: ZAP Scan diff --git a/.github/workflows/hapi.f5labs.dev-newman-tests.yaml b/.github/workflows/hapi.f5labs.dev-newman-tests.yaml index c2b08229e..0e86e5e84 100644 --- a/.github/workflows/hapi.f5labs.dev-newman-tests.yaml +++ b/.github/workflows/hapi.f5labs.dev-newman-tests.yaml @@ -9,7 +9,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423 # v2.6.0 + uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 with: disable-sudo: true egress-policy: block diff --git a/.github/workflows/hapi.f5labs.dev-zap-api.yml b/.github/workflows/hapi.f5labs.dev-zap-api.yml index 6afadf1e6..2616e4e3d 100644 --- a/.github/workflows/hapi.f5labs.dev-zap-api.yml +++ b/.github/workflows/hapi.f5labs.dev-zap-api.yml @@ -14,7 +14,7 @@ jobs: issues: write steps: - name: Harden Runner - uses: step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423 # v2.6.0 + uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: Checkout diff --git a/.github/workflows/hapi.f5labs.dev-zap-baseline.yml b/.github/workflows/hapi.f5labs.dev-zap-baseline.yml index 694192df8..929bbb456 100644 --- a/.github/workflows/hapi.f5labs.dev-zap-baseline.yml +++ b/.github/workflows/hapi.f5labs.dev-zap-baseline.yml @@ -14,7 +14,7 @@ jobs: issues: write steps: - name: Harden Runner - uses: step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423 # v2.6.0 + uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: ZAP Scan diff --git a/.github/workflows/hapi.f5labs.dev-zap-full.yml b/.github/workflows/hapi.f5labs.dev-zap-full.yml index 1dde6d9b5..42809654c 100644 --- a/.github/workflows/hapi.f5labs.dev-zap-full.yml +++ b/.github/workflows/hapi.f5labs.dev-zap-full.yml @@ -14,7 +14,7 @@ jobs: issues: write steps: - name: Harden Runner - uses: step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423 # v2.6.0 + uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: ZAP Scan diff --git a/.github/workflows/secops-code-scan.yml b/.github/workflows/secops-code-scan.yml index 5f7bc3551..8978226a5 100644 --- a/.github/workflows/secops-code-scan.yml +++ b/.github/workflows/secops-code-scan.yml @@ -29,7 +29,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423 # v2.6.0 + uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 with: disable-sudo: true egress-policy: block diff --git a/.github/workflows/secops-dependency-review.yml b/.github/workflows/secops-dependency-review.yml index 55db1100d..ed399bff5 100644 --- a/.github/workflows/secops-dependency-review.yml +++ b/.github/workflows/secops-dependency-review.yml @@ -15,7 +15,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423 # v2.6.0 + uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 with: disable-sudo: true egress-policy: block diff --git a/.github/workflows/secops-scorecard.yml b/.github/workflows/secops-scorecard.yml index eaf3458c3..0b1b9e6ce 100644 --- a/.github/workflows/secops-scorecard.yml +++ b/.github/workflows/secops-scorecard.yml @@ -28,7 +28,7 @@ jobs: actions: read steps: - name: Harden Runner - uses: step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423 # v2.6.0 + uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: "Checkout code"