diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index 3658707..b6d5c48 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -19,7 +19,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@8d3c67de8e2fe68ef647c8db1e6a09f647780f40 # v2.19.0 + uses: step-security/harden-runner@bf7454d06d71f1098171f2acdf0cd4708d7b5920 # v2.20.0 with: disable-sudo-and-containers: true egress-policy: block diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 1b9d1e5..d157ff6 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -20,7 +20,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@8d3c67de8e2fe68ef647c8db1e6a09f647780f40 # v2.19.0 + uses: step-security/harden-runner@bf7454d06d71f1098171f2acdf0cd4708d7b5920 # v2.20.0 with: disable-sudo: true egress-policy: block diff --git a/.github/workflows/speculative-plan.yaml b/.github/workflows/speculative-plan.yaml index 1adc5fd..ab36506 100644 --- a/.github/workflows/speculative-plan.yaml +++ b/.github/workflows/speculative-plan.yaml @@ -16,7 +16,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@8d3c67de8e2fe68ef647c8db1e6a09f647780f40 # v2.19.0 + uses: step-security/harden-runner@bf7454d06d71f1098171f2acdf0cd4708d7b5920 # v2.20.0 with: disable-sudo: true egress-policy: block @@ -59,7 +59,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@8d3c67de8e2fe68ef647c8db1e6a09f647780f40 # v2.19.0 + uses: step-security/harden-runner@bf7454d06d71f1098171f2acdf0cd4708d7b5920 # v2.20.0 with: disable-sudo: true egress-policy: block @@ -112,7 +112,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@8d3c67de8e2fe68ef647c8db1e6a09f647780f40 # v2.19.0 + uses: step-security/harden-runner@bf7454d06d71f1098171f2acdf0cd4708d7b5920 # v2.20.0 with: disable-sudo: true egress-policy: block