diff --git a/.github/workflows/benchmark.yml b/.github/workflows/benchmark.yml index eaa636ad..1ccc15fd 100644 --- a/.github/workflows/benchmark.yml +++ b/.github/workflows/benchmark.yml @@ -36,7 +36,7 @@ jobs: steps: - name: Harden Runner if: matrix.os == 'ubuntu' - uses: step-security/harden-runner@4a1e83c9ef6b0e39b16f17b2734e08cdfbeea46c + uses: step-security/harden-runner@0c6ab70129fa3660acd9cd2b51e8685d619cd613 with: disable-sudo: true egress-policy: audit diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index d70a1aa0..935daa11 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -49,7 +49,7 @@ jobs: steps: - name: Harden Runner if: matrix.os == 'ubuntu-latest' - uses: step-security/harden-runner@4a1e83c9ef6b0e39b16f17b2734e08cdfbeea46c + uses: step-security/harden-runner@0c6ab70129fa3660acd9cd2b51e8685d619cd613 with: disable-sudo: true egress-policy: audit diff --git a/.github/workflows/deps-submission.yml b/.github/workflows/deps-submission.yml index 8d2e39e7..77ba7400 100644 --- a/.github/workflows/deps-submission.yml +++ b/.github/workflows/deps-submission.yml @@ -28,7 +28,7 @@ jobs: contents: write steps: - name: Harden Runner - uses: step-security/harden-runner@4a1e83c9ef6b0e39b16f17b2734e08cdfbeea46c + uses: step-security/harden-runner@0c6ab70129fa3660acd9cd2b51e8685d619cd613 with: disable-sudo: true egress-policy: audit diff --git a/.github/workflows/gradle-wrapper-validation.yml b/.github/workflows/gradle-wrapper-validation.yml index 7431a854..afc4bd48 100644 --- a/.github/workflows/gradle-wrapper-validation.yml +++ b/.github/workflows/gradle-wrapper-validation.yml @@ -26,7 +26,7 @@ jobs: timeout-minutes: 5 steps: - name: Harden Runner - uses: step-security/harden-runner@4a1e83c9ef6b0e39b16f17b2734e08cdfbeea46c + uses: step-security/harden-runner@0c6ab70129fa3660acd9cd2b51e8685d619cd613 with: disable-sudo: true egress-policy: block