From 50ce969d414e1896c1a940846fd66bec913d07ab Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 16 Apr 2026 03:43:52 +0000 Subject: [PATCH] Bump the all group across 1 directory with 2 updates Bumps the all group with 2 updates in the / directory: [step-security/harden-runner](https://github.com/step-security/harden-runner) and [zizmorcore/zizmor-action](https://github.com/zizmorcore/zizmor-action). Updates `step-security/harden-runner` from 2.17.0 to 2.18.0 - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](https://github.com/step-security/harden-runner/compare/f808768d1510423e83855289c910610ca9b43176...6c3c2f2c1c457b00c10c4848d6f5491db3b629df) Updates `zizmorcore/zizmor-action` from 0.5.2 to 0.5.3 - [Release notes](https://github.com/zizmorcore/zizmor-action/releases) - [Commits](https://github.com/zizmorcore/zizmor-action/compare/71321a20a9ded102f6e9ce5718a2fcec2c4f70d8...b1d7e1fb5de872772f31590499237e7cce841e8e) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-version: 2.18.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: zizmorcore/zizmor-action dependency-version: 0.5.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all ... Signed-off-by: dependabot[bot] --- .github/workflows/actionlint.yaml | 2 +- .github/workflows/boilerplate.yaml | 2 +- .github/workflows/donotsubmit.yaml | 2 +- .github/workflows/go-test.yaml | 2 +- .github/workflows/presubmit-testing.yaml | 2 +- .github/workflows/style.yaml | 8 ++++---- .github/workflows/zizmor.yaml | 4 ++-- 7 files changed, 11 insertions(+), 11 deletions(-) diff --git a/.github/workflows/actionlint.yaml b/.github/workflows/actionlint.yaml index aef48cc..2713b86 100644 --- a/.github/workflows/actionlint.yaml +++ b/.github/workflows/actionlint.yaml @@ -24,7 +24,7 @@ jobs: name: Action lint runs-on: ubuntu-latest steps: - - uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0 + - uses: step-security/harden-runner@6c3c2f2c1c457b00c10c4848d6f5491db3b629df # v2.18.0 with: egress-policy: block allowed-endpoints: > diff --git a/.github/workflows/boilerplate.yaml b/.github/workflows/boilerplate.yaml index c21d783..f4eea72 100644 --- a/.github/workflows/boilerplate.yaml +++ b/.github/workflows/boilerplate.yaml @@ -36,7 +36,7 @@ jobs: language: YAML steps: - - uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0 + - uses: step-security/harden-runner@6c3c2f2c1c457b00c10c4848d6f5491db3b629df # v2.18.0 with: egress-policy: audit diff --git a/.github/workflows/donotsubmit.yaml b/.github/workflows/donotsubmit.yaml index 00f46b0..ba586f0 100644 --- a/.github/workflows/donotsubmit.yaml +++ b/.github/workflows/donotsubmit.yaml @@ -20,7 +20,7 @@ jobs: contents: read steps: - - uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0 + - uses: step-security/harden-runner@6c3c2f2c1c457b00c10c4848d6f5491db3b629df # v2.18.0 with: egress-policy: audit diff --git a/.github/workflows/go-test.yaml b/.github/workflows/go-test.yaml index 8c0c5ea..2f75ccc 100644 --- a/.github/workflows/go-test.yaml +++ b/.github/workflows/go-test.yaml @@ -20,7 +20,7 @@ jobs: contents: read # for actions/checkout to fetch code runs-on: ubuntu-latest steps: - - uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0 + - uses: step-security/harden-runner@6c3c2f2c1c457b00c10c4848d6f5491db3b629df # v2.18.0 with: egress-policy: audit diff --git a/.github/workflows/presubmit-testing.yaml b/.github/workflows/presubmit-testing.yaml index 3df38d3..c26ce83 100644 --- a/.github/workflows/presubmit-testing.yaml +++ b/.github/workflows/presubmit-testing.yaml @@ -20,7 +20,7 @@ jobs: id-token: write steps: - - uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0 + - uses: step-security/harden-runner@6c3c2f2c1c457b00c10c4848d6f5491db3b629df # v2.18.0 with: egress-policy: audit diff --git a/.github/workflows/style.yaml b/.github/workflows/style.yaml index 9dd5fa6..4a638a6 100644 --- a/.github/workflows/style.yaml +++ b/.github/workflows/style.yaml @@ -23,7 +23,7 @@ jobs: contents: read steps: - - uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0 + - uses: step-security/harden-runner@6c3c2f2c1c457b00c10c4848d6f5491db3b629df # v2.18.0 with: egress-policy: audit @@ -50,7 +50,7 @@ jobs: contents: read steps: - - uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0 + - uses: step-security/harden-runner@6c3c2f2c1c457b00c10c4848d6f5491db3b629df # v2.18.0 with: egress-policy: audit @@ -76,7 +76,7 @@ jobs: pull-requests: read steps: - - uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0 + - uses: step-security/harden-runner@6c3c2f2c1c457b00c10c4848d6f5491db3b629df # v2.18.0 with: egress-policy: audit @@ -103,7 +103,7 @@ jobs: contents: read steps: - - uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0 + - uses: step-security/harden-runner@6c3c2f2c1c457b00c10c4848d6f5491db3b629df # v2.18.0 with: egress-policy: audit diff --git a/.github/workflows/zizmor.yaml b/.github/workflows/zizmor.yaml index f876d19..b6658d1 100644 --- a/.github/workflows/zizmor.yaml +++ b/.github/workflows/zizmor.yaml @@ -26,7 +26,7 @@ jobs: contents: read # Clone the repository security-events: write # Upload SARIF results to Code Scanning steps: - - uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0 + - uses: step-security/harden-runner@6c3c2f2c1c457b00c10c4848d6f5491db3b629df # v2.18.0 with: egress-policy: block allowed-endpoints: > @@ -41,4 +41,4 @@ jobs: persist-credentials: false - name: Run zizmor - uses: zizmorcore/zizmor-action@71321a20a9ded102f6e9ce5718a2fcec2c4f70d8 # v0.5.2 + uses: zizmorcore/zizmor-action@b1d7e1fb5de872772f31590499237e7cce841e8e # v0.5.3