1515 runs-on : ubuntu-latest
1616 steps :
1717 - name : Harden the runner (Audit all outbound calls)
18- uses : step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
18+ uses : step-security/harden-runner@ab7a9404c0f3da075243ca237b5fac12c98deaa5 # v2.19.3
1919 with :
2020 egress-policy : audit
2121
3535 timeout-minutes : 10
3636 steps :
3737 - name : Harden the runner (Audit all outbound calls)
38- uses : step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
38+ uses : step-security/harden-runner@ab7a9404c0f3da075243ca237b5fac12c98deaa5 # v2.19.3
3939 with :
4040 egress-policy : audit
4141
4747 filter_triggers : ' '
4848
4949 - name : Upload SARIF file to GitHub
50- uses : github/codeql-action/upload-sarif@89a39a4e59826350b863aa6b6252a07ad50cf83e # v4.32.4
50+ uses : github/codeql-action/upload-sarif@9e0d7b8d25671d64c341c19c0152d693099fb5ba # v4.35.5
5151 with :
5252 sarif_file : " ${{steps.octoscan.outputs.sarif_output}}"
5353 category : octoscan
6060 security-events : write # Required for codeql-action/upload-sarif to upload SARIF files.
6161 steps :
6262 - name : Harden the runner (Audit all outbound calls)
63- uses : step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
63+ uses : step-security/harden-runner@ab7a9404c0f3da075243ca237b5fac12c98deaa5 # v2.19.3
6464 with :
6565 egress-policy : audit
6666
7373 uses : boostsecurityio/poutine-action@84c0a0d32e8d57ae12651222be1eb15351429228 # v0.15.2
7474
7575 - name : Upload poutine SARIF file
76- uses : github/codeql-action/upload-sarif@89a39a4e59826350b863aa6b6252a07ad50cf83e # v4.32.4
76+ uses : github/codeql-action/upload-sarif@9e0d7b8d25671d64c341c19c0152d693099fb5ba # v4.35.5
7777 with :
7878 sarif_file : results.sarif
7979 category : poutine
8686 security-events : write # Required for codeql-action/upload-sarif to upload SARIF files.
8787 steps :
8888 - name : Harden the runner (Audit all outbound calls)
89- uses : step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
89+ uses : step-security/harden-runner@ab7a9404c0f3da075243ca237b5fac12c98deaa5 # v2.19.3
9090 with :
9191 egress-policy : audit
9292
9696 persist-credentials : false
9797
9898 - name : Install the latest version of uv
99- uses : astral-sh/setup-uv@eac588ad8def6316056a12d4907a9d4d84ff7a3b # v7.3 .0
99+ uses : astral-sh/setup-uv@37802adc94f370d6bfd71619e3f0bf239e1f3b78 # v7.6 .0
100100 with :
101101 enable-cache : false
102102
@@ -106,7 +106,7 @@ jobs:
106106 GH_TOKEN : ${{ secrets.GITHUB_TOKEN }}
107107
108108 - name : Upload SARIF file
109- uses : github/codeql-action/upload-sarif@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9
109+ uses : github/codeql-action/upload-sarif@9e0d7b8d25671d64c341c19c0152d693099fb5ba # v4.35.5
110110 with :
111111 sarif_file : results.sarif
112112 category : zizmor
0 commit comments