Bump step-security/harden-runner from 2.8.0 to 2.9.1

Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.8.0 to 2.9.1. - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](step-security/harden-runner@f086349...5c7944e) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>
nodenv · Aug 12, 2024 · 2005c5d · 2005c5d
1 parent e20d9f3
commit 2005c5d
Show file tree

Hide file tree

Showing 4 changed files with 10 additions and 10 deletions.
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -23,7 +23,7 @@ jobs:
     permissions: {contents: write}
     runs-on: ubuntu-latest
     steps:
-    - uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0
+    - uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
       with: {egress-policy: audit}
     - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
     - run: |
@@ -38,7 +38,7 @@ jobs:
     permissions: {contents: read}
     runs-on: ubuntu-latest
     steps:
-    - uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0
+    - uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
       with: {egress-policy: audit}
     - uses: mislav/bump-homebrew-formula-action@b3327118b2153c82da63fd9cbf58942146ee99f0 # v3.1
       with:
@@ -53,7 +53,7 @@ jobs:
     permissions: {contents: write}
     runs-on: ubuntu-latest
     steps:
-    - uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0
+    - uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
       with: {egress-policy: audit}
     - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
     - run: git push -f origin "HEAD:refs/heads/${GITHUB_REF_NAME%%.*}"
@@ -62,7 +62,7 @@ jobs:
     permissions: {id-token: write}
     runs-on: ubuntu-latest
     steps:
-    - uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0
+    - uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
       with: {egress-policy: audit}
     - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
     - uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2

diff --git a/.github/workflows/sync-default-branch.yml b/.github/workflows/sync-default-branch.yml
@@ -8,7 +8,7 @@ jobs:
     permissions: {contents: write}
     runs-on: ubuntu-latest
     steps:
-    - uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0
+    - uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
       with: {egress-policy: audit}
     - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
     - run: git push --force origin HEAD:refs/heads/master
diff --git a/.github/workflows/tag-major.yml b/.github/workflows/tag-major.yml
@@ -11,7 +11,7 @@ jobs:
     permissions: {contents: write}
     runs-on: ubuntu-latest
     steps:
-    - uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0
+    - uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
       with: {egress-policy: audit}
     - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
     - run: git push -f origin "HEAD:refs/heads/${GITHUB_REF_NAME%%.*}"
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -20,7 +20,7 @@ jobs:
     runs-on: ${{ matrix.os }}-latest
     strategy: {matrix: {os: [ubuntu, macOS]}}
     steps:
-    - uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0
+    - uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
       with: {egress-policy: audit}
     - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
     - run: npm cit
@@ -30,7 +30,7 @@ jobs:
     permissions: {contents: read, packages: read, statuses: write}
     runs-on: ubuntu-latest
     steps:
-    - uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0
+    - uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
       with: {egress-policy: audit}
     - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
       with: {fetch-depth: 0}
@@ -43,7 +43,7 @@ jobs:
     if: startsWith('pull_request', github.event_name)
     runs-on: ubuntu-latest
     steps:
-    - uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0
+    - uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
       with: {egress-policy: audit}
     - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
     - uses: actions/dependency-review-action@0efb1d1d84fc9633afcdaad14c485cbbc90ef46c # v2.5.1
@@ -53,7 +53,7 @@ jobs:
     permissions: {id-token: write, security-events: write}
     runs-on: ubuntu-latest
     steps:
-    - uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0
+    - uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
       with: {egress-policy: audit}
     - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
     - uses: ossf/scorecard-action@dc50aa9510b46c811795eb24b2f1ba02a914e534 # v2.3.3