From bf720a4960798c8abd46309c5196d608f315ee13 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 10 Apr 2026 06:44:31 +0000 Subject: [PATCH] chore(deps): bump the all group with 2 updates Bumps the all group with 2 updates: [step-security/harden-runner](https://github.com/step-security/harden-runner) and [step-security/action-actionlint](https://github.com/step-security/action-actionlint). Updates `step-security/harden-runner` from 2.16.1 to 2.17.0 - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](https://github.com/step-security/harden-runner/compare/fe104658747b27e96e4f7e80cd0a94068e53901d...f808768d1510423e83855289c910610ca9b43176) Updates `step-security/action-actionlint` from 1.69.1 to 1.72.0 - [Release notes](https://github.com/step-security/action-actionlint/releases) - [Commits](https://github.com/step-security/action-actionlint/compare/d364e70a116a460ed220d67b1ca2f2579c48a40a...c3aa382d371c6b05513ae5907d4f77713e21813c) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-version: 2.17.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: step-security/action-actionlint dependency-version: 1.72.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all ... Signed-off-by: dependabot[bot] --- .github/workflows/actionlint.yaml | 4 ++-- .github/workflows/codeql.yaml | 4 ++-- .github/workflows/fuzz.yaml | 2 +- .github/workflows/release.yaml | 2 +- .github/workflows/scorecard.yml | 2 +- .github/workflows/style.yaml | 8 ++++---- .github/workflows/update-yara-x.yaml | 4 ++-- .github/workflows/version.yaml | 2 +- .github/workflows/zizmor.yaml | 2 +- 9 files changed, 15 insertions(+), 15 deletions(-) diff --git a/.github/workflows/actionlint.yaml b/.github/workflows/actionlint.yaml index ceb32b20f..aef48cce5 100644 --- a/.github/workflows/actionlint.yaml +++ b/.github/workflows/actionlint.yaml @@ -24,7 +24,7 @@ jobs: name: Action lint runs-on: ubuntu-latest steps: - - uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1 + - uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0 with: egress-policy: block allowed-endpoints: > @@ -48,7 +48,7 @@ jobs: echo "files=${yamls[*]}" >> "${GITHUB_OUTPUT}" - name: Action lint - uses: step-security/action-actionlint@d364e70a116a460ed220d67b1ca2f2579c48a40a # v1.69.1 + uses: step-security/action-actionlint@c3aa382d371c6b05513ae5907d4f77713e21813c # v1.72.0 env: SHELLCHECK_OPTS: "--exclude=SC2129" with: diff --git a/.github/workflows/codeql.yaml b/.github/workflows/codeql.yaml index e4bc517d3..7310d52fc 100644 --- a/.github/workflows/codeql.yaml +++ b/.github/workflows/codeql.yaml @@ -26,7 +26,7 @@ jobs: packages: read security-events: write steps: - - uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1 + - uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0 with: egress-policy: block allowed-endpoints: > @@ -114,7 +114,7 @@ jobs: packages: read security-events: write steps: - - uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1 + - uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0 with: egress-policy: block allowed-endpoints: > diff --git a/.github/workflows/fuzz.yaml b/.github/workflows/fuzz.yaml index 6cbb77330..941dceaef 100644 --- a/.github/workflows/fuzz.yaml +++ b/.github/workflows/fuzz.yaml @@ -45,7 +45,7 @@ jobs: targets: ${{ steps.find.outputs.targets }} steps: - name: Harden the runner (Audit all outbound calls) - uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1 + uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0 with: egress-policy: block allowed-endpoints: > diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 780d058ca..2896d8d36 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -19,7 +19,7 @@ jobs: id-token: write contents: write steps: - - uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1 + - uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0 with: egress-policy: block allowed-endpoints: > diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 42a0f8b12..ae26eb75b 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -36,7 +36,7 @@ jobs: steps: - name: Harden the runner (Audit all outbound calls) - uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1 + uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0 with: egress-policy: block allowed-endpoints: > diff --git a/.github/workflows/style.yaml b/.github/workflows/style.yaml index 69b818ba0..fa463854a 100644 --- a/.github/workflows/style.yaml +++ b/.github/workflows/style.yaml @@ -25,7 +25,7 @@ jobs: contents: read steps: - name: Harden Runner - uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1 + uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0 with: egress-policy: block allowed-endpoints: > @@ -62,7 +62,7 @@ jobs: contents: read steps: - name: Harden Runner - uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1 + uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0 with: egress-policy: block allowed-endpoints: > @@ -105,7 +105,7 @@ jobs: contents: read steps: - name: Harden Runner - uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1 + uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0 with: egress-policy: block allowed-endpoints: > @@ -143,7 +143,7 @@ jobs: contents: read steps: - name: Harden Runner - uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1 + uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0 with: egress-policy: block allowed-endpoints: > diff --git a/.github/workflows/update-yara-x.yaml b/.github/workflows/update-yara-x.yaml index 002ce3d05..32fe081cf 100644 --- a/.github/workflows/update-yara-x.yaml +++ b/.github/workflows/update-yara-x.yaml @@ -21,7 +21,7 @@ jobs: new_version: ${{ steps.check.outputs.new_version }} steps: - name: Harden Runner - uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1 + uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0 with: egress-policy: block allowed-endpoints: > @@ -88,7 +88,7 @@ jobs: pull-requests: write steps: - name: Harden Runner - uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1 + uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0 with: egress-policy: block allowed-endpoints: > diff --git a/.github/workflows/version.yaml b/.github/workflows/version.yaml index 51ac052ce..adf7b95fa 100644 --- a/.github/workflows/version.yaml +++ b/.github/workflows/version.yaml @@ -26,7 +26,7 @@ jobs: id-token: write pull-requests: write steps: - - uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1 + - uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0 with: egress-policy: block allowed-endpoints: > diff --git a/.github/workflows/zizmor.yaml b/.github/workflows/zizmor.yaml index 44390ecea..f876d1900 100644 --- a/.github/workflows/zizmor.yaml +++ b/.github/workflows/zizmor.yaml @@ -26,7 +26,7 @@ jobs: contents: read # Clone the repository security-events: write # Upload SARIF results to Code Scanning steps: - - uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1 + - uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0 with: egress-policy: block allowed-endpoints: >