diff --git a/.github/workflows/codacy-analysis.yml b/.github/workflows/codacy-analysis.yml index 36f52c0..3338ab4 100644 --- a/.github/workflows/codacy-analysis.yml +++ b/.github/workflows/codacy-analysis.yml @@ -30,7 +30,7 @@ jobs: steps: # Checkout the repository to the GitHub Actions runner - name: Harden Runner - uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 + uses: step-security/harden-runner@18bf8ad2ca49c14cbb28b91346d626ccfb00c518 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs diff --git a/.github/workflows/codecov.yml b/.github/workflows/codecov.yml index 4793041..044618c 100644 --- a/.github/workflows/codecov.yml +++ b/.github/workflows/codecov.yml @@ -10,7 +10,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 + uses: step-security/harden-runner@18bf8ad2ca49c14cbb28b91346d626ccfb00c518 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 089d409..6ee8f43 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -42,7 +42,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 + uses: step-security/harden-runner@18bf8ad2ca49c14cbb28b91346d626ccfb00c518 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml index bf3672c..522f5a1 100644 --- a/.github/workflows/go.yml +++ b/.github/workflows/go.yml @@ -12,7 +12,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Harden Runner - uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 + uses: step-security/harden-runner@18bf8ad2ca49c14cbb28b91346d626ccfb00c518 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs diff --git a/.github/workflows/golangci-lint.yml b/.github/workflows/golangci-lint.yml index 2250590..e2955c3 100644 --- a/.github/workflows/golangci-lint.yml +++ b/.github/workflows/golangci-lint.yml @@ -12,7 +12,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 + uses: step-security/harden-runner@18bf8ad2ca49c14cbb28b91346d626ccfb00c518 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs diff --git a/.github/workflows/mysql.yml b/.github/workflows/mysql.yml index 235bc78..571a165 100644 --- a/.github/workflows/mysql.yml +++ b/.github/workflows/mysql.yml @@ -24,7 +24,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 + uses: step-security/harden-runner@18bf8ad2ca49c14cbb28b91346d626ccfb00c518 with: # egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs egress-policy: block diff --git a/.github/workflows/pg.yml b/.github/workflows/pg.yml index 7ddb370..404563d 100644 --- a/.github/workflows/pg.yml +++ b/.github/workflows/pg.yml @@ -23,7 +23,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 + uses: step-security/harden-runner@18bf8ad2ca49c14cbb28b91346d626ccfb00c518 with: egress-policy: block allowed-endpoints: > diff --git a/.github/workflows/s2.yml b/.github/workflows/s2.yml index 311d426..edd05cb 100644 --- a/.github/workflows/s2.yml +++ b/.github/workflows/s2.yml @@ -23,7 +23,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5 + uses: step-security/harden-runner@18bf8ad2ca49c14cbb28b91346d626ccfb00c518 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs