diff --git a/.github/workflows/go-dep-submission.yml b/.github/workflows/go-dep-submission.yml index 31bf6c4..fd20fba 100644 --- a/.github/workflows/go-dep-submission.yml +++ b/.github/workflows/go-dep-submission.yml @@ -20,7 +20,7 @@ jobs: contents: write steps: - name: Harden Runner - uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4 + uses: step-security/harden-runner@c6295a65d1254861815972266d5933fd6e532bdf # v2.11.1 with: disable-sudo: true egress-policy: block diff --git a/.github/workflows/golangci-lint.yml b/.github/workflows/golangci-lint.yml index d650251..f7211fd 100644 --- a/.github/workflows/golangci-lint.yml +++ b/.github/workflows/golangci-lint.yml @@ -26,7 +26,7 @@ jobs: name: Scan for issues steps: - name: Harden Runner - uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4 + uses: step-security/harden-runner@c6295a65d1254861815972266d5933fd6e532bdf # v2.11.1 with: disable-sudo: true egress-policy: block diff --git a/.github/workflows/govulncheck.yml b/.github/workflows/govulncheck.yml index 9bcdde8..e04bec2 100644 --- a/.github/workflows/govulncheck.yml +++ b/.github/workflows/govulncheck.yml @@ -25,7 +25,7 @@ jobs: name: Scan for vulns steps: - name: Harden Runner - uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4 + uses: step-security/harden-runner@c6295a65d1254861815972266d5933fd6e532bdf # v2.11.1 with: disable-sudo: true egress-policy: block diff --git a/.github/workflows/osv-scanner.yml b/.github/workflows/osv-scanner.yml index 6e1242a..b69b323 100644 --- a/.github/workflows/osv-scanner.yml +++ b/.github/workflows/osv-scanner.yml @@ -25,7 +25,7 @@ jobs: name: Scan for vulns steps: - name: Harden Runner - uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4 + uses: step-security/harden-runner@c6295a65d1254861815972266d5933fd6e532bdf # v2.11.1 with: disable-sudo: false egress-policy: block diff --git a/.github/workflows/pr-dep-review.yml b/.github/workflows/pr-dep-review.yml index cc51588..aa057ef 100644 --- a/.github/workflows/pr-dep-review.yml +++ b/.github/workflows/pr-dep-review.yml @@ -17,7 +17,7 @@ jobs: pull-requests: write steps: - name: Harden Runner - uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4 + uses: step-security/harden-runner@c6295a65d1254861815972266d5933fd6e532bdf # v2.11.1 with: disable-sudo: true egress-policy: block diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 7b54daa..fe98f0b 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -37,7 +37,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4 + uses: step-security/harden-runner@c6295a65d1254861815972266d5933fd6e532bdf # v2.11.1 with: disable-sudo: true egress-policy: block diff --git a/.github/workflows/trufflehog.yml b/.github/workflows/trufflehog.yml index 528769d..a84aa59 100644 --- a/.github/workflows/trufflehog.yml +++ b/.github/workflows/trufflehog.yml @@ -26,7 +26,7 @@ jobs: name: Scan for secrets steps: - name: Harden Runner - uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4 + uses: step-security/harden-runner@c6295a65d1254861815972266d5933fd6e532bdf # v2.11.1 with: disable-sudo: true egress-policy: block diff --git a/.github/workflows/update-on-push.yml b/.github/workflows/update-on-push.yml index 01ead17..8092d5f 100644 --- a/.github/workflows/update-on-push.yml +++ b/.github/workflows/update-on-push.yml @@ -25,7 +25,7 @@ jobs: contents: write steps: - name: Harden Runner - uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4 + uses: step-security/harden-runner@c6295a65d1254861815972266d5933fd6e532bdf # v2.11.1 with: disable-sudo: true egress-policy: block