Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Bump step-security/harden-runner from 2.4.1 to 2.5.0 (#4607)
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.4.1 to 2.5.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's releases</a>.</em></p> <blockquote> <h2>v2.5.0</h2> <h2>What's Changed</h2> <p>Release v2.5.0 by <a href="https://github.com/h0x0er"><code>@h0x0er</code></a> and <a href="https://github.com/varunsh-coder"><code>@varunsh-coder</code></a> in <a href="https://redirect.github.com/step-security/harden-runner/pull/325">step-security/harden-runner#325</a></p> <p>This release:</p> <ol> <li>Adds support for Actions Runner Controller (ARC) environment</li> <li>Improves the job summary markdown</li> </ol> <p><strong>Full Changelog</strong>: <a href="https://github.com/step-security/harden-runner/compare/v2...v2.5.0">https://github.com/step-security/harden-runner/compare/v2...v2.5.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/step-security/harden-runner/commit/cba0d00b1fc9a034e1e642ea0f1103c282990604"><code>cba0d00</code></a> Release v2.5.0 (<a href="https://redirect.github.com/step-security/harden-runner/issues/325">#325</a>)</li> <li><a href="https://github.com/step-security/harden-runner/commit/aa817ef3512b39bbe179e1c24cc63b4a421ab219"><code>aa817ef</code></a> Update README (<a href="https://redirect.github.com/step-security/harden-runner/issues/321">#321</a>)</li> <li><a href="https://github.com/step-security/harden-runner/commit/75ac55456f91a43ec55fa9768ebac0fde49ef6fc"><code>75ac554</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/314">#314</a> from step-security/codecov-allow-domain</li> <li><a href="https://github.com/step-security/harden-runner/commit/df76f095bff67ef6adde09ef13b1d16151765625"><code>df76f09</code></a> Allow endpoint for codecov</li> <li><a href="https://github.com/step-security/harden-runner/commit/1d7cff8f224225f40f4ad98a1bf71794fc8433de"><code>1d7cff8</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/313">#313</a> from step-security-bot/stepsecurity_remediation_16884...</li> <li><a href="https://github.com/step-security/harden-runner/commit/1931def3f2480883319b9e25a8f91273b31607a1"><code>1931def</code></a> [StepSecurity] Apply security best practices</li> <li><a href="https://github.com/step-security/harden-runner/commit/eba91136efc2e47cf9832255264a9dcd1fb9defb"><code>eba9113</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/312">#312</a> from step-security/dependabot/github_actions/ossf/sco...</li> <li><a href="https://github.com/step-security/harden-runner/commit/28a46cf74295b6411ac5d12e55d5847c41ceb377"><code>28a46cf</code></a> Bump ossf/scorecard-action from 2.1.3 to 2.2.0</li> <li><a href="https://github.com/step-security/harden-runner/commit/532ef4a868ff5b0fcb05cad9f2aa4f6c81a35bf7"><code>532ef4a</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/311">#311</a> from step-security/dependabot/github_actions/step-sec...</li> <li><a href="https://github.com/step-security/harden-runner/commit/9973777dd488cdaff1ceaf70b5257cd04d02a30b"><code>9973777</code></a> Bump step-security/harden-runner from 2.4.0 to 2.4.1</li> <li>Additional commits viewable in <a href="https://github.com/step-security/harden-runner/compare/55d479fb1c5bcad5a4f9099a5d9f37c8857b2845...cba0d00b1fc9a034e1e642ea0f1103c282990604">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Yuri Shkuro <yurishkuro@users.noreply.github.com>
- Loading branch information
1 parent
2881485
commit 82e426c