diff --git a/.github/workflows/auto-merge-dependabot-workflow.yaml b/.github/workflows/auto-merge-dependabot-workflow.yaml index 9c90c6aa..bfdebc9b 100644 --- a/.github/workflows/auto-merge-dependabot-workflow.yaml +++ b/.github/workflows/auto-merge-dependabot-workflow.yaml @@ -18,7 +18,7 @@ jobs: pull-requests: write steps: - name: Harden Runner - uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0 + uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1 with: disable-sudo: true egress-policy: block diff --git a/.github/workflows/benchmark.yaml b/.github/workflows/benchmark.yaml index c43ea8e7..bdcb461a 100644 --- a/.github/workflows/benchmark.yaml +++ b/.github/workflows/benchmark.yaml @@ -20,7 +20,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0 + uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1 with: disable-sudo: true egress-policy: block diff --git a/.github/workflows/codeql.yaml b/.github/workflows/codeql.yaml index 82d69eb8..6fc2c1d4 100644 --- a/.github/workflows/codeql.yaml +++ b/.github/workflows/codeql.yaml @@ -40,7 +40,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0 + uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1 with: disable-sudo: true egress-policy: block diff --git a/.github/workflows/labeler.yml b/.github/workflows/labeler.yml index f857afe7..eefd7ddc 100644 --- a/.github/workflows/labeler.yml +++ b/.github/workflows/labeler.yml @@ -13,7 +13,7 @@ jobs: issues: read steps: - name: Harden Runner - uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0 + uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1 with: disable-sudo: true egress-policy: audit diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index c9d0cfdf..7125c34f 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -13,7 +13,7 @@ jobs: contents: read steps: - name: Harden Runner - uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0 + uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1 with: disable-sudo: true egress-policy: block diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index 09bbdc45..a8f65814 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -43,7 +43,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0 + uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1 with: disable-sudo: true egress-policy: block