From 37b052b4a10a02ba95286a5b31ef56912eeca7cf Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 10 Dec 2025 01:17:34 +0000 Subject: [PATCH] [GitHub Action] Bump step-security/harden-runner from 2.13.3 to 2.14.0 Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.13.3 to 2.14.0. - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](https://github.com/step-security/harden-runner/compare/df199fb7be9f65074067a9eb93f12bb4c5547cf2...20cf305ff2072d973412fa9b1e3a4f227bda3c76) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-version: 2.14.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/ansible-lint.yml | 2 +- .github/workflows/codeql.yml | 2 +- .github/workflows/powershell-analyzer.yml | 2 +- .github/workflows/pull-request-assignee.yml | 4 ++-- .github/workflows/scorecard.yml | 2 +- .github/workflows/snyk-code-scan-python.yml | 2 +- .github/workflows/snyk-container-scan.yml | 2 +- .github/workflows/tox.yml | 2 +- 8 files changed, 9 insertions(+), 9 deletions(-) diff --git a/.github/workflows/ansible-lint.yml b/.github/workflows/ansible-lint.yml index 0346039..97a0c88 100644 --- a/.github/workflows/ansible-lint.yml +++ b/.github/workflows/ansible-lint.yml @@ -12,7 +12,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden the runner (Audit all outbound calls) - uses: step-security/harden-runner@df199fb7be9f65074067a9eb93f12bb4c5547cf2 # v2.13.3 + uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 with: egress-policy: audit - name: Checkout repository diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 5f921b2..e28e83b 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -31,7 +31,7 @@ jobs: build-mode: none steps: - name: Harden the runner (Block mode) - uses: step-security/harden-runner@df199fb7be9f65074067a9eb93f12bb4c5547cf2 # v2.13.3 + uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 with: egress-policy: block allowed-endpoints: > diff --git a/.github/workflows/powershell-analyzer.yml b/.github/workflows/powershell-analyzer.yml index 95d71fc..ed7d92b 100644 --- a/.github/workflows/powershell-analyzer.yml +++ b/.github/workflows/powershell-analyzer.yml @@ -16,7 +16,7 @@ jobs: security-events: write steps: - name: Harden the runner (Audit all outbound calls) - uses: step-security/harden-runner@df199fb7be9f65074067a9eb93f12bb4c5547cf2 # v2.13.3 + uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 with: egress-policy: audit - name: "Checkout code" diff --git a/.github/workflows/pull-request-assignee.yml b/.github/workflows/pull-request-assignee.yml index e6d0b61..7b44323 100644 --- a/.github/workflows/pull-request-assignee.yml +++ b/.github/workflows/pull-request-assignee.yml @@ -20,7 +20,7 @@ jobs: pull-requests: write steps: - name: Harden the runner (Audit all outbound calls) - uses: step-security/harden-runner@df199fb7be9f65074067a9eb93f12bb4c5547cf2 # v2.13.3 + uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 with: egress-policy: audit - name: Assign PR creator @@ -34,7 +34,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden the runner (Audit all outbound calls) - uses: step-security/harden-runner@df199fb7be9f65074067a9eb93f12bb4c5547cf2 # v2.13.3 + uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 with: egress-policy: audit - name: Report Failure diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 6551469..cf9fe12 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -21,7 +21,7 @@ jobs: id-token: write steps: - name: Harden the runner (Audit all outbound calls) - uses: step-security/harden-runner@df199fb7be9f65074067a9eb93f12bb4c5547cf2 # v2.13.3 + uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 with: egress-policy: audit - name: "Checkout code" diff --git a/.github/workflows/snyk-code-scan-python.yml b/.github/workflows/snyk-code-scan-python.yml index c83e1b8..0fc52a8 100644 --- a/.github/workflows/snyk-code-scan-python.yml +++ b/.github/workflows/snyk-code-scan-python.yml @@ -19,7 +19,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden the runner (Audit all outbound calls) - uses: step-security/harden-runner@df199fb7be9f65074067a9eb93f12bb4c5547cf2 # v2.13.3 + uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 with: egress-policy: audit - name: Checkout repository diff --git a/.github/workflows/snyk-container-scan.yml b/.github/workflows/snyk-container-scan.yml index 5928116..2e3fc3d 100644 --- a/.github/workflows/snyk-container-scan.yml +++ b/.github/workflows/snyk-container-scan.yml @@ -31,7 +31,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden the runner (Audit all outbound calls) - uses: step-security/harden-runner@df199fb7be9f65074067a9eb93f12bb4c5547cf2 # v2.13.3 + uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 with: egress-policy: audit - name: Checkout repository diff --git a/.github/workflows/tox.yml b/.github/workflows/tox.yml index 24e460f..585c10a 100644 --- a/.github/workflows/tox.yml +++ b/.github/workflows/tox.yml @@ -16,7 +16,7 @@ jobs: python-version: ['3.10', '3.11', '3.12', '3.13'] steps: - name: Harden the runner (Audit all outbound calls) - uses: step-security/harden-runner@df199fb7be9f65074067a9eb93f12bb4c5547cf2 # v2.13.3 + uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 with: egress-policy: audit - name: Checkout repository