diff --git a/.github/workflows/cibuild.yml b/.github/workflows/cibuild.yml index 875a8b91cd..a550ba3396 100644 --- a/.github/workflows/cibuild.yml +++ b/.github/workflows/cibuild.yml @@ -76,7 +76,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Harden Runner - uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 + uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index adb0feecf8..8945194db9 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -43,7 +43,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Harden Runner - uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 + uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml index 78e9350a69..2422704e9a 100644 --- a/.github/workflows/docs.yml +++ b/.github/workflows/docs.yml @@ -34,7 +34,7 @@ jobs: BUNDLE_PATH: vendor/bundle steps: - name: Harden Runner - uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 + uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs diff --git a/.github/workflows/docs_generate.yml b/.github/workflows/docs_generate.yml index 946ad02254..3ee595f893 100644 --- a/.github/workflows/docs_generate.yml +++ b/.github/workflows/docs_generate.yml @@ -30,7 +30,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 + uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs diff --git a/.github/workflows/rebuild.yml b/.github/workflows/rebuild.yml index 4ec7f4cd97..76b6f6e3d1 100644 --- a/.github/workflows/rebuild.yml +++ b/.github/workflows/rebuild.yml @@ -59,7 +59,7 @@ jobs: dist-bundles: Dist_Bundles_JDK${{ matrix.java }}_${{ matrix.os }} steps: - name: Harden Runner - uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 + uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -102,7 +102,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Harden Runner - uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 + uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index 3a33f42b92..cec40f8ec5 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -21,7 +21,7 @@ jobs: runs-on: 'ubuntu-latest' steps: - name: Harden Runner - uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 + uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs diff --git a/.github/workflows/wrapper.yml b/.github/workflows/wrapper.yml index c7c06a6f47..0deef66ebe 100644 --- a/.github/workflows/wrapper.yml +++ b/.github/workflows/wrapper.yml @@ -30,7 +30,7 @@ jobs: runs-on: 'ubuntu-latest' steps: - name: Harden Runner - uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 + uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs