From e42cd890832622f449a6417ab406d16fde55893a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 12 Jun 2026 19:43:37 +0000 Subject: [PATCH] chore(deps): bump step-security/harden-runner from 2.17.0 to 2.19.4 Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.17.0 to 2.19.4. - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](https://github.com/step-security/harden-runner/compare/f808768d1510423e83855289c910610ca9b43176...9af89fc71515a100421586dfdb3dc9c984fbf411) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-version: 2.19.4 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/codeql.yml | 2 +- .github/workflows/dependency-review.yml | 2 +- .github/workflows/lambda.yml | 2 +- .github/workflows/ossf-scorecard.yml | 2 +- .github/workflows/packer-build.yml | 2 +- .github/workflows/release.yml | 2 +- .github/workflows/semantic-check.yml | 2 +- .github/workflows/stale.yml | 2 +- .github/workflows/terraform.yml | 6 +++--- .github/workflows/update-docs.yml | 4 ++-- 10 files changed, 13 insertions(+), 13 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 0038a1557d..30c6b1c248 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -31,7 +31,7 @@ jobs: steps: - name: Harden the runner (Audit all outbound calls) - uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0 + uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4 with: egress-policy: audit diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index 24a62bc7dc..737b539431 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -24,7 +24,7 @@ jobs: pull-requests: write # for actions/dependency-review-action to comment on PRs steps: - name: Harden the runner (Audit all outbound calls) - uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0 + uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4 with: egress-policy: audit diff --git a/.github/workflows/lambda.yml b/.github/workflows/lambda.yml index e69e2fc677..7493aa4712 100644 --- a/.github/workflows/lambda.yml +++ b/.github/workflows/lambda.yml @@ -27,7 +27,7 @@ jobs: steps: - name: Harden the runner (Audit all outbound calls) - uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0 + uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4 with: egress-policy: audit diff --git a/.github/workflows/ossf-scorecard.yml b/.github/workflows/ossf-scorecard.yml index 0a5cf926c1..23936bc533 100644 --- a/.github/workflows/ossf-scorecard.yml +++ b/.github/workflows/ossf-scorecard.yml @@ -25,7 +25,7 @@ jobs: steps: - name: Harden the runner (Audit all outbound calls) - uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0 + uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4 with: egress-policy: audit diff --git a/.github/workflows/packer-build.yml b/.github/workflows/packer-build.yml index e26b36237e..bd8b460e94 100644 --- a/.github/workflows/packer-build.yml +++ b/.github/workflows/packer-build.yml @@ -34,7 +34,7 @@ jobs: working-directory: images/${{ matrix.image }} steps: - name: Harden the runner (Audit all outbound calls) - uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0 + uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4 with: egress-policy: audit diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 8ffcec9554..8ef8b0e01d 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -24,7 +24,7 @@ jobs: environment: release steps: - name: Harden the runner (Audit all outbound calls) - uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0 + uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4 with: egress-policy: audit diff --git a/.github/workflows/semantic-check.yml b/.github/workflows/semantic-check.yml index e1a1f34775..84206ae653 100644 --- a/.github/workflows/semantic-check.yml +++ b/.github/workflows/semantic-check.yml @@ -19,7 +19,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden the runner (Audit all outbound calls) - uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0 + uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4 with: egress-policy: audit diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index f58a7e43dd..115225ce73 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -18,7 +18,7 @@ jobs: pull-requests: write # for actions/stale to close stale PRs steps: - name: Harden the runner (Audit all outbound calls) - uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0 + uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4 with: egress-policy: audit diff --git a/.github/workflows/terraform.yml b/.github/workflows/terraform.yml index 872943e659..c08dbe8f72 100644 --- a/.github/workflows/terraform.yml +++ b/.github/workflows/terraform.yml @@ -26,7 +26,7 @@ jobs: image: hashicorp/terraform:${{ matrix.terraform }} steps: - name: Harden the runner (Audit all outbound calls) - uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0 + uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4 with: egress-policy: audit @@ -100,7 +100,7 @@ jobs: image: hashicorp/terraform:${{ matrix.terraform }} steps: - name: Harden the runner (Audit all outbound calls) - uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0 + uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4 with: egress-policy: audit @@ -165,7 +165,7 @@ jobs: image: hashicorp/terraform:${{ matrix.terraform }} steps: - name: Harden the runner (Audit all outbound calls) - uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0 + uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4 with: egress-policy: audit diff --git a/.github/workflows/update-docs.yml b/.github/workflows/update-docs.yml index 6b66a81570..396a707ac4 100644 --- a/.github/workflows/update-docs.yml +++ b/.github/workflows/update-docs.yml @@ -22,7 +22,7 @@ jobs: pull-requests: write # for peter-evans/create-pull-request to create PRs with doc updates steps: - name: Harden the runner (Audit all outbound calls) - uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0 + uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4 with: egress-policy: audit @@ -107,7 +107,7 @@ jobs: contents: write # for actions/checkout and mkdocs gh-deploy to push to gh-pages branch steps: - name: Harden the runner (Audit all outbound calls) - uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0 + uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4 with: egress-policy: audit