chore: bump step-security/harden-runner from 2.8.0 to 2.8.1 (#465)

Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.8.0 to 2.8.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's releases</a>.</em></p> <blockquote> <h2>v2.8.1</h2> <h2>What's Changed</h2> <ul> <li>Bug fix: Update isGitHubHosted implementation by <a href="https://github.com/varunsh-coder"><code>@varunsh-coder</code></a> in <a href="https://redirect.github.com/step-security/harden-runner/pull/425">step-security/harden-runner#425</a> The previous implementation incorrectly identified large GitHub-hosted runners as self-hosted runners. As a result, harden-runner was not executing on these large GitHub-hosted runners.</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/step-security/harden-runner/compare/v2...v2.8.1">https://github.com/step-security/harden-runner/compare/v2...v2.8.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/step-security/harden-runner/commit/17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6"><code>17d0e2b</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/425">#425</a> from step-security/rc-9</li> <li><a href="https://github.com/step-security/harden-runner/commit/bb112d061bf5af75c824cf30dd69cb76b316bd3a"><code>bb112d0</code></a> Update isGitHubHosted implementation</li> <li><a href="https://github.com/step-security/harden-runner/commit/f4f3f445f343c08c93d7771433e8dee4267e05b9"><code>f4f3f44</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/407">#407</a> from step-security/dependabot/github_actions/actions/...</li> <li><a href="https://github.com/step-security/harden-runner/commit/7a946b57df8fca5054684f5beffd1910f681dffd"><code>7a946b5</code></a> Bump actions/dependency-review-action from 3.1.3 to 4.3.2</li> <li><a href="https://github.com/step-security/harden-runner/commit/75a01c2f00ea1ad58b152418d054937c3583861d"><code>75a01c2</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/417">#417</a> from step-security/dependabot/github_actions/step-sec...</li> <li><a href="https://github.com/step-security/harden-runner/commit/53413f1a91b85facf419e9a302ceb22702348ce9"><code>53413f1</code></a> Bump step-security/harden-runner from 2.7.1 to 2.8.0</li> <li>See full diff in <a href="https://github.com/step-security/harden-runner/compare/f086349bfa2bd1361f7909c78558e816508cdc10...17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=step-security/harden-runner&package-manager=github_actions&previous-version=2.8.0&new-version=2.8.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Heba <31887807+helayoty@users.noreply.github.com>
kaito-project · Jun 10, 2024 · ffcafbb · ffcafbb
1 parent fb9b7da
commit ffcafbb
Show file tree

Hide file tree

Showing 10 changed files with 10 additions and 10 deletions.
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
@@ -22,7 +22,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0
+        uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
         with:
           egress-policy: audit
 

diff --git a/.github/workflows/create-release.yml b/.github/workflows/create-release.yml
@@ -16,7 +16,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0
+        uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
         with:
           egress-policy: audit
 

diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml
@@ -17,7 +17,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0
+        uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
         with:
           egress-policy: audit
 

diff --git a/.github/workflows/e2e-workflow.yml b/.github/workflows/e2e-workflow.yml
@@ -49,7 +49,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0
+        uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
         with:
           egress-policy: audit
 

diff --git a/.github/workflows/helm-chart.yml b/.github/workflows/helm-chart.yml
@@ -17,7 +17,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0
+        uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
         with:
           egress-policy: audit
 

diff --git a/.github/workflows/lint-go.yml b/.github/workflows/lint-go.yml
@@ -25,7 +25,7 @@ jobs:
       contents: read
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0
+        uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
         with:
           egress-policy: audit
 

diff --git a/.github/workflows/markdown-link-check.yml b/.github/workflows/markdown-link-check.yml
@@ -14,7 +14,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0
+        uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
         with:
           egress-policy: audit
 

diff --git a/.github/workflows/pr-title-lint.yml b/.github/workflows/pr-title-lint.yml
@@ -13,7 +13,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0
+        uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
         with:
           egress-policy: audit
 

diff --git a/.github/workflows/publish-gh-image.yml b/.github/workflows/publish-gh-image.yml
@@ -33,7 +33,7 @@ jobs:
             echo "tag=$(echo ${{ github.event.inputs.release_version }})" >> $GITHUB_OUTPUT
 
       - name: Harden Runner
-        uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0
+        uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
         with:
           egress-policy: audit
 

diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
@@ -25,7 +25,7 @@ jobs:
     environment: unit-tests
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0
+        uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
         with:
           egress-policy: audit