m/obsidian-metadata
1
0
Fork 0
mirror of https://github.com/natelandau/obsidian-metadata.git synced 2025-11-18 09:53:40 -05:00
Code Issues Packages Projects Releases Wiki Activity

ci: update harden security runner (#42)

Browse Source
This commit is contained in:
Nathaniel Landau
2023-05-05 14:51:32 -04:00
committed by GitHub
parent 2d15760096
commit b762c34860
7 changed files with 15 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
.github/workflows/automated-tests.yml vendored
View File

@@ -38,7 +38,8 @@ jobs:
matrix:
python-version: ["3.10", "3.11"]
steps:
- uses: step-security/harden-runner@1f99358870fe1c846a3ccba386cc2b2246836776 # v2.2.1
- name: Harden Security Runner
uses: step-security/harden-runner@v2
with:
egress-policy: block
disable-sudo: true

4
.github/workflows/commit-linter.yml vendored
View File

@@ -22,8 +22,8 @@ jobs:
pull-requests: read # for wagoid/commitlint-github-action to get commits in PR
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@1f99358870fe1c846a3ccba386cc2b2246836776 # v2.2.1
- name: Harden Security Runner
uses: step-security/harden-runner@v2
with:
egress-policy: block
allowed-endpoints: >

3
.github/workflows/create-release.yml vendored
View File

@@ -22,7 +22,8 @@ jobs:
matrix:
python-version: ["3.11"]
steps:
- uses: step-security/harden-runner@1f99358870fe1c846a3ccba386cc2b2246836776 # v2.2.1
- name: Harden Security Runner
uses: step-security/harden-runner@v2
with:
egress-policy: block
disable-sudo: true

8
.github/workflows/devcontainer-checker.yml vendored
View File

@@ -27,17 +27,17 @@ jobs:
runs-on: ubuntu-latest
steps:
- uses: step-security/harden-runner@1f99358870fe1c846a3ccba386cc2b2246836776 # v2.2.1
- name: Harden Security Runner
uses: step-security/harden-runner@v2
with:
egress-policy: block
allowed-endpoints: >
*.data.mcr.microsoft.com:443
api.snapcraft.io:443
auth.docker.io:443
centralus.data.mcr.microsoft.com:443
deb.debian.org:443
deb.debian.org:80
dl.yarnpkg.com:443
eastus.data.mcr.microsoft.com:443
files.pythonhosted.org:443
ghcr.io:443
git.rootprojects.org:443
@@ -51,8 +51,6 @@ jobs:
registry-1.docker.io:443
registry.npmjs.org:443
webi.sh:443
westcentralus.data.mcr.microsoft.com:443
westus.data.mcr.microsoft.com:443
- name: Checkout
uses: actions/checkout@v3

4
.github/workflows/labeler.yml vendored
View File

@@ -10,8 +10,8 @@ jobs:
pull-requests: write
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@1f99358870fe1c846a3ccba386cc2b2246836776 # v2.2.1
- name: Harden Security Runner
uses: step-security/harden-runner@v2
with:
egress-policy: block
allowed-endpoints: >

4
.github/workflows/pr-linter.yml vendored
View File

@@ -21,8 +21,8 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@1f99358870fe1c846a3ccba386cc2b2246836776 # v2.2.1
- name: Harden Security Runner
uses: step-security/harden-runner@v2
with:
egress-policy: block
allowed-endpoints: >

3
.github/workflows/pypi-release.yml vendored
View File

@@ -18,7 +18,8 @@ jobs:
matrix:
python-version: ["3.11"]
steps:
- uses: step-security/harden-runner@1f99358870fe1c846a3ccba386cc2b2246836776 # v2.2.1
- name: Harden Security Runner
uses: step-security/harden-runner@v2
with:
egress-policy: block
disable-sudo: true