diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml index 45cdc457a5..b9897c91f9 100644 --- a/.github/workflows/audit.yml +++ b/.github/workflows/audit.yml @@ -21,7 +21,7 @@ jobs: issues: write steps: - name: Harden Runner - uses: step-security/harden-runner@dece11172ed6b762b5421b294513d628edad7f7d + uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 52dc2fc8c0..7d6ec36e60 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -47,7 +47,7 @@ jobs: rust: [stable, beta, nightly] steps: - name: Harden Runner - uses: step-security/harden-runner@dece11172ed6b762b5421b294513d628edad7f7d + uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -73,7 +73,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@dece11172ed6b762b5421b294513d628edad7f7d + uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -93,7 +93,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@dece11172ed6b762b5421b294513d628edad7f7d + uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 @@ -119,7 +119,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@dece11172ed6b762b5421b294513d628edad7f7d + uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -143,7 +143,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@dece11172ed6b762b5421b294513d628edad7f7d + uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -164,7 +164,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@dece11172ed6b762b5421b294513d628edad7f7d + uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -247,7 +247,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@dece11172ed6b762b5421b294513d628edad7f7d + uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 101070c8c2..eb4621fdea 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -27,7 +27,7 @@ jobs: contents: write steps: - name: Harden Runner - uses: step-security/harden-runner@dece11172ed6b762b5421b294513d628edad7f7d + uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs diff --git a/.github/workflows/rust-clippy.yml b/.github/workflows/rust-clippy.yml index aa0070e104..4fbef6a51b 100644 --- a/.github/workflows/rust-clippy.yml +++ b/.github/workflows/rust-clippy.yml @@ -29,7 +29,7 @@ jobs: security-events: write steps: - name: Harden Runner - uses: step-security/harden-runner@dece11172ed6b762b5421b294513d628edad7f7d + uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs