1212 runs-on : ubuntu-latest
1313
1414 steps :
15+ - name : Harden Runner
16+ uses : step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1
17+ with :
18+ egress-policy : block
19+ allowed-endpoints : >
20+ api.github.com:443
21+ github.com:443
22+ registry.npmjs.org:443
23+ release-assets.githubusercontent.com:443
24+
1525name : Checkout
1626 uses : actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
1727
2939 runs-on : ubuntu-latest
3040
3141 steps :
42+ - name : Harden Runner
43+ uses : step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1
44+ with :
45+ egress-policy : block
46+ allowed-endpoints : >
47+ api.github.com:443
48+ github.com:443
49+ registry.npmjs.org:443
50+ release-assets.githubusercontent.com:443
51+
3252name : Checkout
3353 uses : actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
3454
4666 runs-on : ubuntu-latest
4767
4868 steps :
69+ - name : Harden Runner
70+ uses : step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1
71+ with :
72+ egress-policy : block
73+ allowed-endpoints : >
74+ api.github.com:443
75+ github.com:443
76+ registry.npmjs.org:443
77+ release-assets.githubusercontent.com:443
78+
4979name : Checkout
5080 uses : actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
5181
6393 runs-on : ubuntu-latest
6494
6595 steps :
96+ - name : Harden Runner
97+ uses : step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1
98+ with :
99+ egress-policy : block
100+ allowed-endpoints : >
101+ api.github.com:443
102+ github.com:443
103+ registry.npmjs.org:443
104+ release-assets.githubusercontent.com:443
105+
66106name : Checkout
67107 uses : actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
68108
@@ -80,6 +120,16 @@ jobs:
80120 runs-on : ubuntu-latest
81121
82122 steps :
123+ - name : Harden Runner
124+ uses : step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1
125+ with :
126+ egress-policy : block
127+ allowed-endpoints : >
128+ api.github.com:443
129+ github.com:443
130+ registry.npmjs.org:443
131+ release-assets.githubusercontent.com:443
132+
83133name : Checkout
84134 uses : actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
85135
@@ -97,6 +147,21 @@ jobs:
97147 runs-on : ubuntu-latest
98148
99149 steps :
150+ - name : Harden Runner
151+ uses : step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1
152+ with :
153+ egress-policy : block
154+ allowed-endpoints : >
155+ api.github.com:443
156+ cli.codecov.io:443
157+ github.com:443
158+ ingest.codecov.io:443
159+ keybase.io:443
160+ o26192.ingest.us.sentry.io:443
161+ registry.npmjs.org:443
162+ release-assets.githubusercontent.com:443
163+ storage.googleapis.com:443
164+
100165name : Checkout
101166 uses : actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
102167
@@ -119,6 +184,16 @@ jobs:
119184 runs-on : ubuntu-latest
120185
121186 steps :
187+ - name : Harden Runner
188+ uses : step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1
189+ with :
190+ egress-policy : block
191+ allowed-endpoints : >
192+ api.github.com:443
193+ github.com:443
194+ registry.npmjs.org:443
195+ release-assets.githubusercontent.com:443
196+
122197name : Checkout
123198 uses : actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
124199
0 commit comments