Merge pull request #71 from chainguard-dev/dependabot/github_actions/actions-fe30162250

cpanato · web-flow · commit 27f48b79e5ee · 2025-07-21T17:46:48.000+02:00
Bump the actions group with 2 updates
diff --git a/.github/workflows/build-scanner-audit.yaml b/.github/workflows/build-scanner-audit.yaml
@@ -20,7 +20,7 @@ jobs:
       contents: read
 
     steps:
-      - uses: step-security/harden-runner@6c439dc8bdf85cadbbce9ed30d1c7b959517bc49 # v2.12.2
+      - uses: step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911 # v2.13.0
         with:
           egress-policy: audit
 
diff --git a/.github/workflows/regen-answers.yaml b/.github/workflows/regen-answers.yaml
@@ -18,7 +18,7 @@ jobs:
       id-token: write # To gitsign and federate
 
     steps:
-    - uses: step-security/harden-runner@6c439dc8bdf85cadbbce9ed30d1c7b959517bc49 # v2.12.2
+    - uses: step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911 # v2.13.0
       with:
         egress-policy: audit
 
@@ -55,7 +55,7 @@ jobs:
         echo "create_pr_update=true" >> $GITHUB_OUTPUT
 
     # Configure signed commits
-    - uses: chainguard-dev/actions/setup-gitsign@86e8917a5f452c794e263fddae12d25a44b18f18 # v1.4.5
+    - uses: chainguard-dev/actions/setup-gitsign@ae2f0393ff2a60c572ff4d3485f406e8f36dfd38 # v1.4.6
       if: ${{ steps.check-diff.outputs.create_pr_update == 'true' }}
 
     # Based on usage in https://github.com/chainguard-dev/digestabot/blob/main/action.yml
