diff --git a/.github/workflows/ci-actions.yaml b/.github/workflows/ci-actions.yaml index ae4c6ff..92a2339 100644 --- a/.github/workflows/ci-actions.yaml +++ b/.github/workflows/ci-actions.yaml @@ -19,7 +19,7 @@ jobs: actions: read # Needed to read actions steps: - name: Harden the runner (Audit all outbound calls) - uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2 + uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 with: egress-policy: audit diff --git a/.github/workflows/ci-chart.yaml b/.github/workflows/ci-chart.yaml index 8f5ffd7..0aadbbf 100644 --- a/.github/workflows/ci-chart.yaml +++ b/.github/workflows/ci-chart.yaml @@ -17,7 +17,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden the runner (Audit all outbound calls) - uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2 + uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 with: egress-policy: audit diff --git a/.github/workflows/ci-code.yaml b/.github/workflows/ci-code.yaml index a522c9f..c6a111a 100644 --- a/.github/workflows/ci-code.yaml +++ b/.github/workflows/ci-code.yaml @@ -18,7 +18,7 @@ jobs: runs-on: ubuntu-latest steps: - name: harden runner - uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2 + uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 with: egress-policy: audit @@ -42,7 +42,7 @@ jobs: runs-on: ubuntu-latest steps: - name: harden runner - uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2 + uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 with: egress-policy: audit @@ -65,7 +65,7 @@ jobs: runs-on: ubuntu-latest steps: - name: harden runner - uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2 + uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 with: egress-policy: audit @@ -90,7 +90,7 @@ jobs: name: 'Full build linux-${{ matrix.arch }}' steps: - name: harden runner - uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2 + uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 with: egress-policy: audit @@ -120,7 +120,7 @@ jobs: name: 'Full test linux-${{ matrix.arch }}' steps: - name: harden runner - uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2 + uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 with: egress-policy: audit @@ -149,7 +149,7 @@ jobs: name: 'Full clippy linux-${{ matrix.arch }}' steps: - name: harden runner - uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2 + uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 with: egress-policy: audit diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index d8778c1..161f346 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -25,7 +25,7 @@ jobs: id-token: write # Needed for cosign to use github OIDC token steps: - name: 'Harden runner' - uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2 + uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 with: egress-policy: audit @@ -105,7 +105,7 @@ jobs: packages: write # Needed to write helm chart to ghcr steps: - name: 'Harden runner' - uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2 + uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 with: egress-policy: audit