Skip to content

Commit ec9babf

Browse files
Bump the all group across 1 directory with 3 updates
Bumps the all group with 3 updates in the / directory: [step-security/harden-runner](https://github.com/step-security/harden-runner), [github/codeql-action](https://github.com/github/codeql-action) and [zizmorcore/zizmor-action](https://github.com/zizmorcore/zizmor-action). Updates `step-security/harden-runner` from 2.19.1 to 2.19.3 - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](step-security/harden-runner@a5ad31d...ab7a940) Updates `github/codeql-action` from 4.35.3 to 4.35.5 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@e46ed2c...9e0d7b8) Updates `zizmorcore/zizmor-action` from 0.5.3 to 0.5.6 - [Release notes](https://github.com/zizmorcore/zizmor-action/releases) - [Commits](zizmorcore/zizmor-action@b1d7e1f...5f14fd0) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-version: 2.19.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: github/codeql-action dependency-version: 4.35.5 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: zizmorcore/zizmor-action dependency-version: 0.5.6 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all ... Signed-off-by: dependabot[bot] <support@github.com>
1 parent 8adc824 commit ec9babf

4 files changed

Lines changed: 6 additions & 6 deletions

File tree

.github/workflows/actionlint.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -24,7 +24,7 @@ jobs:
2424
name: Action lint
2525
runs-on: ubuntu-latest
2626
steps:
27-
- uses: step-security/harden-runner@a5ad31d6a139d249332a2605b85202e8c0b78450 # v2.19.1
27+
- uses: step-security/harden-runner@ab7a9404c0f3da075243ca237b5fac12c98deaa5 # v2.19.3
2828
with:
2929
egress-policy: block
3030
allowed-endpoints: >

.github/workflows/build.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -18,7 +18,7 @@ jobs:
1818
contents: read
1919

2020
steps:
21-
- uses: step-security/harden-runner@a5ad31d6a139d249332a2605b85202e8c0b78450 # v2.19.1
21+
- uses: step-security/harden-runner@ab7a9404c0f3da075243ca237b5fac12c98deaa5 # v2.19.3
2222
with:
2323
egress-policy: audit
2424

.github/workflows/scorecard.yaml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -26,7 +26,7 @@ jobs:
2626

2727
steps:
2828
- name: Harden the runner (Audit all outbound calls)
29-
uses: step-security/harden-runner@a5ad31d6a139d249332a2605b85202e8c0b78450 # v2.19.1
29+
uses: step-security/harden-runner@ab7a9404c0f3da075243ca237b5fac12c98deaa5 # v2.19.3
3030
with:
3131
egress-policy: audit
3232

@@ -50,6 +50,6 @@ jobs:
5050
retention-days: 5
5151

5252
- name: "Upload to code-scanning"
53-
uses: github/codeql-action/upload-sarif@e46ed2cbd01164d986452f91f178727624ae40d7 # v4.35.3
53+
uses: github/codeql-action/upload-sarif@9e0d7b8d25671d64c341c19c0152d693099fb5ba # v4.35.5
5454
with:
5555
sarif_file: results.sarif

.github/workflows/zizmor.yaml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -26,7 +26,7 @@ jobs:
2626
contents: read # Clone the repository
2727
security-events: write # Upload SARIF results to Code Scanning
2828
steps:
29-
- uses: step-security/harden-runner@a5ad31d6a139d249332a2605b85202e8c0b78450 # v2.19.1
29+
- uses: step-security/harden-runner@ab7a9404c0f3da075243ca237b5fac12c98deaa5 # v2.19.3
3030
with:
3131
egress-policy: block
3232
allowed-endpoints: >
@@ -41,4 +41,4 @@ jobs:
4141
persist-credentials: false
4242

4343
- name: Run zizmor
44-
uses: zizmorcore/zizmor-action@b1d7e1fb5de872772f31590499237e7cce841e8e # v0.5.3
44+
uses: zizmorcore/zizmor-action@5f14fd08f7cf1cb1609c1e344975f152c7ee938d # v0.5.6

0 commit comments

Comments
 (0)