diff --git a/.github/workflows/codacy-analysis.yml b/.github/workflows/codacy-analysis.yml index e5ea6cc..a0ec877 100644 --- a/.github/workflows/codacy-analysis.yml +++ b/.github/workflows/codacy-analysis.yml @@ -30,7 +30,7 @@ jobs: steps: # Checkout the repository to the GitHub Actions runner - name: Harden Runner - uses: step-security/harden-runner@03bee3930647ebbf994244c21ddbc0d4933aab4f + uses: step-security/harden-runner@128a63446a954579617e875aaab7d2978154e969 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs diff --git a/.github/workflows/codecov.yml b/.github/workflows/codecov.yml index faf6991..8b9b808 100644 --- a/.github/workflows/codecov.yml +++ b/.github/workflows/codecov.yml @@ -10,7 +10,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@03bee3930647ebbf994244c21ddbc0d4933aab4f + uses: step-security/harden-runner@128a63446a954579617e875aaab7d2978154e969 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 81c69a4..7d930d7 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -42,7 +42,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@03bee3930647ebbf994244c21ddbc0d4933aab4f + uses: step-security/harden-runner@128a63446a954579617e875aaab7d2978154e969 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml index 86f4c11..90bc168 100644 --- a/.github/workflows/go.yml +++ b/.github/workflows/go.yml @@ -12,7 +12,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Harden Runner - uses: step-security/harden-runner@03bee3930647ebbf994244c21ddbc0d4933aab4f + uses: step-security/harden-runner@128a63446a954579617e875aaab7d2978154e969 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs diff --git a/.github/workflows/golangci-lint.yml b/.github/workflows/golangci-lint.yml index f80131c..9e171d3 100644 --- a/.github/workflows/golangci-lint.yml +++ b/.github/workflows/golangci-lint.yml @@ -12,7 +12,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@03bee3930647ebbf994244c21ddbc0d4933aab4f + uses: step-security/harden-runner@128a63446a954579617e875aaab7d2978154e969 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs diff --git a/.github/workflows/mysql.yml b/.github/workflows/mysql.yml index ccbb56e..dab43fe 100644 --- a/.github/workflows/mysql.yml +++ b/.github/workflows/mysql.yml @@ -24,7 +24,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@03bee3930647ebbf994244c21ddbc0d4933aab4f + uses: step-security/harden-runner@128a63446a954579617e875aaab7d2978154e969 with: # egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs egress-policy: block diff --git a/.github/workflows/pg.yml b/.github/workflows/pg.yml index 30f648e..bc13d53 100644 --- a/.github/workflows/pg.yml +++ b/.github/workflows/pg.yml @@ -23,7 +23,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@03bee3930647ebbf994244c21ddbc0d4933aab4f + uses: step-security/harden-runner@128a63446a954579617e875aaab7d2978154e969 with: egress-policy: block allowed-endpoints: > diff --git a/.github/workflows/s2.yml b/.github/workflows/s2.yml index a35c9ff..738e68a 100644 --- a/.github/workflows/s2.yml +++ b/.github/workflows/s2.yml @@ -23,7 +23,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@03bee3930647ebbf994244c21ddbc0d4933aab4f + uses: step-security/harden-runner@128a63446a954579617e875aaab7d2978154e969 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs