diff --git a/.github/workflows/cleanupcache.yaml b/.github/workflows/cleanupcache.yaml index 60cb4f4d30..cd30bb1e89 100644 --- a/.github/workflows/cleanupcache.yaml +++ b/.github/workflows/cleanupcache.yaml @@ -14,7 +14,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1 + uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2 with: egress-policy: audit diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 58a50e6c3b..de22fc49d8 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -57,7 +57,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1 + uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2 with: egress-policy: audit diff --git a/.github/workflows/codeql-azclient.yml b/.github/workflows/codeql-azclient.yml index fd8a4a0ba2..0c579e633b 100644 --- a/.github/workflows/codeql-azclient.yml +++ b/.github/workflows/codeql-azclient.yml @@ -43,7 +43,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1 + uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2 with: egress-policy: audit diff --git a/.github/workflows/codespell.yaml b/.github/workflows/codespell.yaml index dfa02aef1a..73efb680c2 100644 --- a/.github/workflows/codespell.yaml +++ b/.github/workflows/codespell.yaml @@ -17,12 +17,12 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1 + uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2 with: egress-policy: audit - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - - uses: codespell-project/actions-codespell@406322ec52dd7b488e48c1c4b82e2a8b3a1bf630 # master + - uses: codespell-project/actions-codespell@8f01853be192eb0f849a5c7d721450e7a467c579 # master with: check_filenames: true skip: ./.git,./.github/workflows/codespell.yaml,.git,*.png,*.jpg,*.svg,*.sum,./vendor,go.sum,testdata diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index 2b3ddb97b1..5c7921376d 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -19,7 +19,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1 + uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2 with: egress-policy: audit diff --git a/.github/workflows/lint-azclient.yaml b/.github/workflows/lint-azclient.yaml index 13ef7561c5..ffdc50b63e 100644 --- a/.github/workflows/lint-azclient.yaml +++ b/.github/workflows/lint-azclient.yaml @@ -24,7 +24,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1 + uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2 with: egress-policy: audit - name: Checkout diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml index 23be9afa1d..4493d6c862 100644 --- a/.github/workflows/lint.yaml +++ b/.github/workflows/lint.yaml @@ -38,7 +38,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1 + uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2 with: egress-policy: audit - name: Checkout diff --git a/.github/workflows/release-azclient-trace.yml b/.github/workflows/release-azclient-trace.yml index d58057111f..b315ecc3d8 100644 --- a/.github/workflows/release-azclient-trace.yml +++ b/.github/workflows/release-azclient-trace.yml @@ -15,7 +15,7 @@ jobs: contents: write # Required for creating and pushing git tags steps: - name: Harden Runner - uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1 + uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2 with: egress-policy: audit diff --git a/.github/workflows/release-azclient.yml b/.github/workflows/release-azclient.yml index 632fce5bb4..79e90b5933 100644 --- a/.github/workflows/release-azclient.yml +++ b/.github/workflows/release-azclient.yml @@ -19,7 +19,7 @@ jobs: contents: write # Required for creating and pushing git tags steps: - name: Harden Runner - uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1 + uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2 with: egress-policy: audit diff --git a/.github/workflows/release-cache.yml b/.github/workflows/release-cache.yml index 58ba75a918..66ad76a2e4 100644 --- a/.github/workflows/release-cache.yml +++ b/.github/workflows/release-cache.yml @@ -15,7 +15,7 @@ jobs: contents: write # Required for creating and pushing git tags steps: - name: Harden Runner - uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1 + uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2 with: egress-policy: audit diff --git a/.github/workflows/release-configloader.yml b/.github/workflows/release-configloader.yml index a2f2fc9fd3..cef71d2792 100644 --- a/.github/workflows/release-configloader.yml +++ b/.github/workflows/release-configloader.yml @@ -15,7 +15,7 @@ jobs: contents: write # Required for creating and pushing git tags steps: - name: Harden Runner - uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1 + uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2 with: egress-policy: audit diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index c5d4b3bb63..43b2c53a4d 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -23,7 +23,7 @@ jobs: arch: arm64 steps: - name: Harden Runner - uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1 + uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2 with: egress-policy: audit - name: Install arm build toolchains @@ -62,7 +62,7 @@ jobs: arch: amd64 steps: - name: Harden Runner - uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1 + uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2 with: egress-policy: audit - name: Install arm build toolchains @@ -119,7 +119,7 @@ jobs: arch: amd64 steps: - name: Harden Runner - uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1 + uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2 with: egress-policy: audit - name: Install arm build toolchains @@ -171,7 +171,7 @@ jobs: contents: write # Required for creating GitHub releases steps: - name: Harden Runner - uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1 + uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2 with: egress-policy: audit - name: Install arm build toolchains diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index ceec04cbb5..b1bb5df569 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -32,7 +32,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1 + uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2 with: egress-policy: audit diff --git a/.github/workflows/trivy.yaml b/.github/workflows/trivy.yaml index 206a47a9c6..886db4ad42 100644 --- a/.github/workflows/trivy.yaml +++ b/.github/workflows/trivy.yaml @@ -35,7 +35,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1 + uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2 with: egress-policy: audit diff --git a/.github/workflows/update-trivy-db.yaml b/.github/workflows/update-trivy-db.yaml index 132f78d0b1..55d9a5d955 100644 --- a/.github/workflows/update-trivy-db.yaml +++ b/.github/workflows/update-trivy-db.yaml @@ -12,7 +12,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1 + uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2 with: egress-policy: audit diff --git a/.github/workflows/update-vendor-license.yml b/.github/workflows/update-vendor-license.yml index cb3b4c22a2..96514e002a 100644 --- a/.github/workflows/update-vendor-license.yml +++ b/.github/workflows/update-vendor-license.yml @@ -37,7 +37,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1 + uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2 with: egress-policy: audit