diff --git a/.github/workflows/continuous-integration.yml b/.github/workflows/continuous-integration.yml index d1fdd378..e7359b58 100644 --- a/.github/workflows/continuous-integration.yml +++ b/.github/workflows/continuous-integration.yml @@ -29,7 +29,7 @@ jobs: fail-fast: false runs-on: ${{ matrix.os }} steps: - - uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4 + - uses: step-security/harden-runner@bf7454d06d71f1098171f2acdf0cd4708d7b5920 # v2.20.0 if: ${{ matrix.os == 'ubuntu-latest' }} with: disable-sudo: true @@ -57,7 +57,7 @@ jobs: name: Code Lint runs-on: ubuntu-latest steps: - - uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4 + - uses: step-security/harden-runner@bf7454d06d71f1098171f2acdf0cd4708d7b5920 # v2.20.0 with: disable-sudo: true egress-policy: block @@ -87,7 +87,7 @@ jobs: runs-on: ubuntu-latest if: ${{ github.event.pull_request }} steps: - - uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4 + - uses: step-security/harden-runner@bf7454d06d71f1098171f2acdf0cd4708d7b5920 # v2.20.0 with: disable-sudo: true egress-policy: block @@ -123,7 +123,7 @@ jobs: name: Lockfile Lint runs-on: ubuntu-latest steps: - - uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4 + - uses: step-security/harden-runner@bf7454d06d71f1098171f2acdf0cd4708d7b5920 # v2.20.0 with: disable-sudo: true egress-policy: block diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index 61fbe010..b0a3e8ef 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -32,7 +32,7 @@ jobs: id-token: write steps: - - uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4 + - uses: step-security/harden-runner@bf7454d06d71f1098171f2acdf0cd4708d7b5920 # v2.20.0 if: ${{ matrix.os == 'ubuntu-latest' }} with: disable-sudo: true