diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 553ad6e..4828cdb 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -30,10 +30,10 @@ jobs: timeout-minutes: 5 steps: - name: Harden runner - uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1 + uses: step-security/harden-runner@bf7454d06d71f1098171f2acdf0cd4708d7b5920 # v2.20.0 with: egress-policy: audit - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 with: persist-credentials: false - uses: dtolnay/rust-toolchain@stable @@ -47,10 +47,10 @@ jobs: timeout-minutes: 10 steps: - name: Harden runner - uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1 + uses: step-security/harden-runner@bf7454d06d71f1098171f2acdf0cd4708d7b5920 # v2.20.0 with: egress-policy: audit - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 with: persist-credentials: false - uses: dtolnay/rust-toolchain@stable @@ -71,10 +71,10 @@ jobs: steps: - name: Harden runner if: runner.os == 'Linux' - uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1 + uses: step-security/harden-runner@bf7454d06d71f1098171f2acdf0cd4708d7b5920 # v2.20.0 with: egress-policy: audit - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 with: persist-credentials: false - uses: dtolnay/rust-toolchain@stable @@ -91,10 +91,10 @@ jobs: timeout-minutes: 10 steps: - name: Harden runner - uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1 + uses: step-security/harden-runner@bf7454d06d71f1098171f2acdf0cd4708d7b5920 # v2.20.0 with: egress-policy: audit - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 with: persist-credentials: false - uses: dtolnay/rust-toolchain@stable @@ -110,10 +110,10 @@ jobs: timeout-minutes: 10 steps: - name: Harden runner - uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1 + uses: step-security/harden-runner@bf7454d06d71f1098171f2acdf0cd4708d7b5920 # v2.20.0 with: egress-policy: audit - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 with: persist-credentials: false - uses: dtolnay/rust-toolchain@stable @@ -127,10 +127,10 @@ jobs: timeout-minutes: 5 steps: - name: Harden runner - uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1 + uses: step-security/harden-runner@bf7454d06d71f1098171f2acdf0cd4708d7b5920 # v2.20.0 with: egress-policy: audit - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 with: persist-credentials: false - uses: dtolnay/rust-toolchain@stable diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index a4104f0..48b8e99 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -23,7 +23,7 @@ jobs: tag_name: ${{ steps.release.outputs.tag_name }} steps: - name: Harden runner - uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1 + uses: step-security/harden-runner@bf7454d06d71f1098171f2acdf0cd4708d7b5920 # v2.20.0 with: egress-policy: audit - uses: googleapis/release-please-action@v5 @@ -57,10 +57,10 @@ jobs: steps: - name: Harden runner if: runner.os == 'Linux' - uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1 + uses: step-security/harden-runner@bf7454d06d71f1098171f2acdf0cd4708d7b5920 # v2.20.0 with: egress-policy: audit - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 with: persist-credentials: false - uses: dtolnay/rust-toolchain@stable diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml index 58fa471..cff7698 100644 --- a/.github/workflows/security.yml +++ b/.github/workflows/security.yml @@ -42,10 +42,10 @@ jobs: continue-on-error: ${{ matrix.checks == 'advisories' }} steps: - name: Harden runner - uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1 + uses: step-security/harden-runner@bf7454d06d71f1098171f2acdf0cd4708d7b5920 # v2.20.0 with: egress-policy: audit - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 with: persist-credentials: false - uses: EmbarkStudios/cargo-deny-action@v2 @@ -64,10 +64,10 @@ jobs: timeout-minutes: 10 steps: - name: Harden runner - uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1 + uses: step-security/harden-runner@bf7454d06d71f1098171f2acdf0cd4708d7b5920 # v2.20.0 with: egress-policy: audit - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 with: persist-credentials: false - uses: actions-rust-lang/audit@v1 \ No newline at end of file