chore(deps): update step-security/harden-runner action to v2.3.0
Created by: renovate[bot]
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
| step-security/harden-runner | action | minor | v2.0.0 -> v2.3.0 |
Release Notes
step-security/harden-runner
v2.3.0
What's Changed
- Enable setting policy via insights website (link to documentation) by @h0x0er and @varunsh-coder in https://github.com/step-security/harden-runner/pull/266
  The Policy Store helps you manage Harden Runner policies without altering your workflow files.
- Update README.md by @varunsh-coder in https://github.com/step-security/harden-runner/pull/255
- Bump github/codeql-action from 2.2.4 to 2.2.6 by @dependabot in https://github.com/step-security/harden-runner/pull/254
- Bump step-security/harden-runner from 2.2.0 to 2.2.1 by @dependabot in https://github.com/step-security/harden-runner/pull/256
Full Changelog: https://github.com/step-security/harden-runner/compare/v2...v2.3.0
v2.2.1
What's Changed
- Fix issue to get cache endpoint by @h0x0er in https://github.com/step-security/harden-runner/pull/253
  Harden runner has the ability to automatically detect the cache endpoint used by each job. When Harden runner is used in block mode, this endpoint is added to the list of allowed endpoints. A fix has been implemented to improve this feature by updating the logic used to fetch the cache endpoint. This update involves using code from the actions/cache library to ensure the endpoint is properly retrieved.
- Update README.md by @varunsh-coder in https://github.com/step-security/harden-runner/pull/247
- Bump step-security/harden-runner from 2.1.0 to 2.2.0 by @dependabot in https://github.com/step-security/harden-runner/pull/248
- Bump github/codeql-action from 2.1.38 to 2.2.4 by @dependabot in https://github.com/step-security/harden-runner/pull/244
Full Changelog: https://github.com/step-security/harden-runner/compare/v2...v2.2.1
v2.2.0
What's Changed
- Release v2.2.0 by @varunsh-coder in https://github.com/step-security/harden-runner/pull/245
- Added functionality that allows for skipping Harden Runner installation if any errors arise during the installation process.
- Updated Harden-Runner GitHub Action to use the latest version of the Harden Runner agent, which resolves three issues:
  - Addressed a bug that allowed calls to direct IP addresses not included in the allowed list when executing code in a docker image.
  - Enhanced annotations to eliminate false positives, specifically not showing false positive calls to docker.io
  - Upgraded `containerd` dependency to a non-vulnerable version.
- Bump codecov/codecov-action from 2.1.0 to 3.1.1 by @dependabot in https://github.com/step-security/harden-runner/pull/233
- Bump step-security/harden-runner from 2.0.0 to 2.1.0 by @dependabot in https://github.com/step-security/harden-runner/pull/232
- Bump github/codeql-action from 2.1.37 to 2.1.38 by @dependabot in https://github.com/step-security/harden-runner/pull/229
- Update README.md by @varunsh-coder in https://github.com/step-security/harden-runner/pull/231
Full Changelog: https://github.com/step-security/harden-runner/compare/v2...v2.2.0
v2.1.0
What's Changed
- Add harden-runner insights URL in job summary by @h0x0er and @varunsh-coder in https://github.com/step-security/harden-runner/pull/227. This makes it easier to locate and click on the insights link. One had to look for it in the build log earlier.
- Update README.md by @varunsh-coder in https://github.com/step-security/harden-runner/pull/210
- Bump github/codeql-action from 2.1.29 to 2.1.31 by @dependabot in https://github.com/step-security/harden-runner/pull/206
- Bump step-security/harden-runner from 1.5.0 to 2.0.0 by @dependabot in https://github.com/step-security/harden-runner/pull/211
- Update README by @varunsh-coder in https://github.com/step-security/harden-runner/pull/216
- Bump ossf/scorecard-action from 2.0.6 to 2.1.0 by @dependabot in https://github.com/step-security/harden-runner/pull/221
- Bump github/codeql-action from 2.1.31 to 2.1.37 by @dependabot in https://github.com/step-security/harden-runner/pull/220
- Bump ossf/scorecard-action from 2.1.0 to 2.1.2 by @dependabot in https://github.com/step-security/harden-runner/pull/223
- Bump actions/upload-artifact from 3.1.1 to 3.1.2 by @dependabot in https://github.com/step-security/harden-runner/pull/225
- Bump actions/checkout from 3.1.0 to 3.3.0 by @dependabot in https://github.com/step-security/harden-runner/pull/224
Full Changelog: https://github.com/step-security/harden-runner/compare/v2...v2.1.0
This PR has been generated by Mend Renovate.