diff --git a/.github/workflows/_dependabot-auto-approve-and-merge.yml b/.github/workflows/_dependabot-auto-approve-and-merge.yml index 969b071..fde8d2f 100644 --- a/.github/workflows/_dependabot-auto-approve-and-merge.yml +++ b/.github/workflows/_dependabot-auto-approve-and-merge.yml @@ -21,7 +21,7 @@ jobs: update-type: ${{ steps.dependabot-metadata.outputs.update-type }} steps: - name: Harden Runner - uses: step-security/harden-runner@58077d3c7e43986b6b15fba718e8ea69e387dfcc # v2.15.1 + uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0 with: egress-policy: audit @@ -57,7 +57,7 @@ jobs: pull-requests: write steps: - name: Harden Runner - uses: step-security/harden-runner@58077d3c7e43986b6b15fba718e8ea69e387dfcc # v2.15.1 + uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0 with: egress-policy: audit diff --git a/.github/workflows/_dotnet-build-and-pack.yml b/.github/workflows/_dotnet-build-and-pack.yml index 20aae19..cf20a3f 100644 --- a/.github/workflows/_dotnet-build-and-pack.yml +++ b/.github/workflows/_dotnet-build-and-pack.yml @@ -39,7 +39,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@58077d3c7e43986b6b15fba718e8ea69e387dfcc # v2.15.1 + uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0 with: disable-sudo: true egress-policy: block diff --git a/.github/workflows/_dotnet-build-and-test.yml b/.github/workflows/_dotnet-build-and-test.yml index 96bc64f..db9a25a 100644 --- a/.github/workflows/_dotnet-build-and-test.yml +++ b/.github/workflows/_dotnet-build-and-test.yml @@ -76,7 +76,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@58077d3c7e43986b6b15fba718e8ea69e387dfcc # v2.15.1 + uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0 with: disable-sudo: true egress-policy: block diff --git a/.github/workflows/_dotnet-publish-nuget.yml b/.github/workflows/_dotnet-publish-nuget.yml index 60d8efa..b21ce65 100644 --- a/.github/workflows/_dotnet-publish-nuget.yml +++ b/.github/workflows/_dotnet-publish-nuget.yml @@ -58,7 +58,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@58077d3c7e43986b6b15fba718e8ea69e387dfcc # v2.15.1 + uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0 with: disable-sudo: true egress-policy: block @@ -114,7 +114,7 @@ jobs: matrix: ${{ steps.set-matrix.outputs.matrix }} steps: - name: Harden Runner - uses: step-security/harden-runner@58077d3c7e43986b6b15fba718e8ea69e387dfcc # v2.15.1 + uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0 with: disable-sudo: true egress-policy: block diff --git a/.github/workflows/_github-tag-and-release.yml b/.github/workflows/_github-tag-and-release.yml index 4af7fc0..0a6e092 100644 --- a/.github/workflows/_github-tag-and-release.yml +++ b/.github/workflows/_github-tag-and-release.yml @@ -27,7 +27,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@58077d3c7e43986b6b15fba718e8ea69e387dfcc # v2.15.1 + uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0 with: egress-policy: audit diff --git a/.github/workflows/_pr-labeler.yml b/.github/workflows/_pr-labeler.yml index 1fd101b..80390f5 100644 --- a/.github/workflows/_pr-labeler.yml +++ b/.github/workflows/_pr-labeler.yml @@ -20,7 +20,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@58077d3c7e43986b6b15fba718e8ea69e387dfcc # v2.15.1 + uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0 with: disable-sudo: true egress-policy: block @@ -82,7 +82,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@58077d3c7e43986b6b15fba718e8ea69e387dfcc # v2.15.1 + uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0 with: disable-sudo: true egress-policy: block diff --git a/.github/workflows/_pr-lint.yml b/.github/workflows/_pr-lint.yml index baba4a5..40e3842 100644 --- a/.github/workflows/_pr-lint.yml +++ b/.github/workflows/_pr-lint.yml @@ -26,7 +26,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@58077d3c7e43986b6b15fba718e8ea69e387dfcc # v2.15.1 + uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0 with: disable-sudo: true egress-policy: block @@ -63,7 +63,7 @@ jobs: if: ${{ inputs.cspell-config != null }} steps: - name: Harden Runner - uses: step-security/harden-runner@58077d3c7e43986b6b15fba718e8ea69e387dfcc # v2.15.1 + uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0 with: disable-sudo: true egress-policy: block diff --git a/.github/workflows/_version.yml b/.github/workflows/_version.yml index 8278697..86d8019 100644 --- a/.github/workflows/_version.yml +++ b/.github/workflows/_version.yml @@ -35,7 +35,7 @@ jobs: current-version: ${{ steps.get-version.outputs.current-version }} steps: - name: Harden Runner - uses: step-security/harden-runner@58077d3c7e43986b6b15fba718e8ea69e387dfcc # v2.15.1 + uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0 with: disable-sudo: true egress-policy: block diff --git a/.github/workflows/dependabot-validate.yml b/.github/workflows/dependabot-validate.yml index 2dc36c2..a3f084d 100644 --- a/.github/workflows/dependabot-validate.yml +++ b/.github/workflows/dependabot-validate.yml @@ -14,7 +14,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@58077d3c7e43986b6b15fba718e8ea69e387dfcc # v2.15.1 + uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0 with: egress-policy: audit