diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 925a1803..e9b73157 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -58,7 +58,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 + uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3 with: egress-policy: audit disable-telemetry: true diff --git a/.github/workflows/pre-merge-ci.yaml b/.github/workflows/pre-merge-ci.yaml index 78da3a2e..4f8c4cc9 100644 --- a/.github/workflows/pre-merge-ci.yaml +++ b/.github/workflows/pre-merge-ci.yaml @@ -36,7 +36,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 + uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3 with: egress-policy: audit disable-telemetry: true diff --git a/.github/workflows/push-bundles.yaml b/.github/workflows/push-bundles.yaml index 0d83b98a..e6c28628 100644 --- a/.github/workflows/push-bundles.yaml +++ b/.github/workflows/push-bundles.yaml @@ -36,7 +36,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 + uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3 with: egress-policy: audit disable-telemetry: true diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index 17ea15d7..0e2b581c 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -48,7 +48,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 + uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3 with: egress-policy: audit disable-telemetry: true