From 15cc2039de6c4019c86a15fc360c803fcaf0cfaf Mon Sep 17 00:00:00 2001 From: Matt Raible Date: Tue, 24 Feb 2026 07:25:21 -0700 Subject: [PATCH 1/2] Remove step-security/harden-runner and update actions Remove step-security/harden-runner from the CI workflow to align with all other foundry sample repositories. Update actions/checkout from v3.6.0 to v6.0.1 and actions/setup-python from v3.1.4 to v6.0.0 to match approved versions used across the org. --- .github/workflows/python-package.yml | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/.github/workflows/python-package.yml b/.github/workflows/python-package.yml index 008e20c..71f46b3 100644 --- a/.github/workflows/python-package.yml +++ b/.github/workflows/python-package.yml @@ -22,13 +22,9 @@ jobs: python-version: ["3.9", "3.10", "3.11"] steps: - - name: Harden the runner (Audit all outbound calls) - uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 - with: - egress-policy: audit - - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@3542bca2639a428e1796aaa6a2ffef0c0f575566 # v3.1.4 + uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0 with: python-version: ${{ matrix.python-version }} - name: Install dependencies From 55a1f8f0dc8626b032d5ca5e1f7521366adc4003 Mon Sep 17 00:00:00 2001 From: Matt Raible Date: Tue, 24 Feb 2026 09:51:43 -0700 Subject: [PATCH 2/2] Downgrade pytest minimum to 8.4.2 for Python 3.9 compatibility --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index f6c3a53..223b692 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,4 +1,4 @@ build>=1.0.3 -pytest>=9.0.2 +pytest>=8.4.2 python-multipart>=0.0.20 urllib3>=2.6.3