Update step-security/harden-runner action to v2.11.0 (#150)

renovate-bot · web-flow · commit 57e5ccbc63db · 2025-03-01T02:16:26.000Z
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [step-security/harden-runner](https://redirect.github.com/step-security/harden-runner) | action | minor | `v2.10.1` -> `v2.11.0` | --- ### Release Notes <details> <summary>step-security/harden-runner (step-security/harden-runner)</summary> ### [`v2.11.0`](https://redirect.github.com/step-security/harden-runner/releases/tag/v2.11.0) [Compare Source](https://redirect.github.com/step-security/harden-runner/compare/v2.10.4...v2.11.0) ##### What's Changed Release v2.11.0 in [#&#8203;498](https://redirect.github.com/step-security/harden-runner/issues/498) Harden-Runner Enterprise tier now supports the use of eBPF for DNS resolution and network call monitoring **Full Changelog**: step-security/harden-runner@v2...v2.11.0 ### [`v2.10.4`](https://redirect.github.com/step-security/harden-runner/releases/tag/v2.10.4) [Compare Source](https://redirect.github.com/step-security/harden-runner/compare/v2.10.3...v2.10.4) ##### What's Changed Fixed a potential Harden-Runner post step failure that could occur when printing agent service logs. The fix gracefully handles failures without failing the post step. **Full Changelog**: step-security/harden-runner@v2...v2.10.4 ### [`v2.10.3`](https://redirect.github.com/step-security/harden-runner/releases/tag/v2.10.3) [Compare Source](https://redirect.github.com/step-security/harden-runner/compare/v2.10.2...v2.10.3) ##### What's Changed Fixed an issue where DNS requests using uppercase characters (e.g., EXAMPLE.com) were blocked even when the domain was present in the allowed list. This update standardizes domain names to lowercase for consistent comparison. **Full Changelog**: step-security/harden-runner@v2...v2.10.3 ### [`v2.10.2`](https://redirect.github.com/step-security/harden-runner/releases/tag/v2.10.2) [Compare Source](https://redirect.github.com/step-security/harden-runner/compare/v2.10.1...v2.10.2) ##### What's Changed 1. Fixes low-severity command injection weaknesses The advisory is here: GHSA-g85v-wf27-67xc 2. Bug fix to improve detection of whether Harden-Runner is running in a container **Full Changelog**: step-security/harden-runner@v2...v2.10.2 </details> --- ### Configuration 📅 **Schedule**: Branch creation - "on the first day of the month" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/jaegertracing/jaeger-idl).  Signed-off-by: Mend Renovate <bot@renovateapp.com>
diff --git a/.github/workflows/ci-lint-test.yml b/.github/workflows/ci-lint-test.yml
@@ -43,7 +43,7 @@ jobs:
   lint:
     runs-on: ubuntu-latest
     steps:
-      - uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7  # v2.10.1
+      - uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481  # v2.11.0
         with:
           egress-policy: audit
       - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
diff --git a/.github/workflows/ci-unit-tests.yml b/.github/workflows/ci-unit-tests.yml
@@ -21,7 +21,7 @@ jobs:
   unit-tests:
     runs-on: ubuntu-latest
     steps:
-    - uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
+    - uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
       with:
         egress-policy: audit
 
