Skip to content

chore(deps): bump step-security/harden-runner from 2.13.1 to 2.13.3#1725

Merged
tekton-robot merged 1 commit into
release-v0.26.xfrom
dependabot/github_actions/release-v0.26.x/step-security/harden-runner-2.13.3
Jul 3, 2026
Merged

chore(deps): bump step-security/harden-runner from 2.13.1 to 2.13.3#1725
tekton-robot merged 1 commit into
release-v0.26.xfrom
dependabot/github_actions/release-v0.26.x/step-security/harden-runner-2.13.3

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 23, 2026

Copy link
Copy Markdown
Contributor

Bumps step-security/harden-runner from 2.13.1 to 2.13.3.

Release notes

Sourced from step-security/harden-runner's releases.

v2.13.3

What's Changed

  • Fixed an issue where process events were not uploaded in certain edge cases.

Full Changelog: step-security/harden-runner@v2.13.2...v2.13.3

v2.13.2

What's Changed

  • Fixed an issue where there was a limit of 512 allowed endpoints when using block egress policy. This restriction has been removed, allowing for an unlimited number of endpoints to be configured.
  • Harden Runner now automatically detects if the agent is already pre-installed on a custom VM image used by a GitHub-hosted runner. When detected, the action will skip reinstallation and use the existing agent.

Full Changelog: step-security/harden-runner@v2.13.1...v2.13.2

Commits

@dependabot dependabot Bot added dependencies Used by dependabot - identifies all PRs created by dependabot kind/misc Categorizes issue or PR as a miscellaneuous one. ok-to-test Indicates a non-member PR verified by an org member that is safe to test. release-note-none Denotes a PR that doesnt merit a release note. labels Jun 23, 2026
@tekton-robot tekton-robot requested review from jkhelil and wlynch June 23, 2026 07:38
@tekton-robot tekton-robot added the size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. label Jun 23, 2026
@anithapriyanatarajan

Copy link
Copy Markdown
Contributor

/lgtm

@tekton-robot tekton-robot added the lgtm Indicates that a PR is ready to be merged. label Jun 23, 2026
@anithapriyanatarajan

Copy link
Copy Markdown
Contributor

/approve

@jkhelil

jkhelil commented Jun 24, 2026

Copy link
Copy Markdown
Member

@dependabot rebase

@dependabot dependabot Bot force-pushed the dependabot/github_actions/release-v0.26.x/step-security/harden-runner-2.13.3 branch from b03f771 to ebc68dd Compare June 24, 2026 04:06
@tekton-robot tekton-robot removed the lgtm Indicates that a PR is ready to be merged. label Jun 24, 2026
@dependabot dependabot Bot force-pushed the dependabot/github_actions/release-v0.26.x/step-security/harden-runner-2.13.3 branch 2 times, most recently from bb28a41 to f523e05 Compare July 2, 2026 09:07
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.13.1 to 2.13.3.
- [Release notes](https://github.com/step-security/harden-runner/releases)
- [Commits](step-security/harden-runner@f4a75cf...df199fb)

---
updated-dependencies:
- dependency-name: step-security/harden-runner
  dependency-version: 2.13.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/github_actions/release-v0.26.x/step-security/harden-runner-2.13.3 branch from f523e05 to 6f05966 Compare July 3, 2026 05:04
@jkhelil

jkhelil commented Jul 3, 2026

Copy link
Copy Markdown
Member

/approve

@jkhelil

jkhelil commented Jul 3, 2026

Copy link
Copy Markdown
Member

/lgtm

@tekton-robot

Copy link
Copy Markdown

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: anithapriyanatarajan, jkhelil

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@tekton-robot tekton-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Jul 3, 2026
@tekton-robot tekton-robot added the lgtm Indicates that a PR is ready to be merged. label Jul 3, 2026
@tekton-robot tekton-robot merged commit 38dd2e8 into release-v0.26.x Jul 3, 2026
14 checks passed
@dependabot dependabot Bot deleted the dependabot/github_actions/release-v0.26.x/step-security/harden-runner-2.13.3 branch July 3, 2026 12:32
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

approved Indicates a PR has been approved by an approver from all required OWNERS files. dependencies Used by dependabot - identifies all PRs created by dependabot kind/misc Categorizes issue or PR as a miscellaneuous one. lgtm Indicates that a PR is ready to be merged. ok-to-test Indicates a non-member PR verified by an org member that is safe to test. release-note-none Denotes a PR that doesnt merit a release note. size/XS Denotes a PR that changes 0-9 lines, ignoring generated files.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants