Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps-dev): update step-security/harden-runner action to v2.10.4 #61

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

chore(deps-dev): update step-security/harden-runner action to v2.10.4 #61

wants to merge 1 commit into from

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Nov 19, 2023
edited
Loading

This PR contains the following updates:

Package Type Update Change
step-security/harden-runner action minor v2.6.0 -> v2.10.4

Release Notes

step-security/harden-runner (step-security/harden-runner)

v2.10.4

Compare Source

What's Changed

Fixed a potential Harden-Runner post step failure that could occur when printing agent service logs. The fix gracefully handles failures without failing the post step.

Full Changelog: step-security/harden-runner@v2...v2.10.4

v2.10.3

Compare Source

What's Changed

Fixed an issue where DNS requests using uppercase characters (e.g., EXAMPLE.com) were blocked even when the domain was present in the allowed list. This update standardizes domain names to lowercase for consistent comparison.

Full Changelog: step-security/harden-runner@v2...v2.10.3

v2.10.2

Compare Source

What's Changed

  1. Fixes low-severity command injection weaknesses
    The advisory is here: GHSA-g85v-wf27-67xc

  2. Bug fix to improve detection of whether Harden-Runner is running in a container

Full Changelog: step-security/harden-runner@v2...v2.10.2

v2.10.1

Compare Source

What's Changed

Release v2.10.1 by @​varunsh-coder in https://github.com/step-security/harden-runner/pull/463
Bug fix: Resolves an issue where DNS resolution of .local domains was failing when using a Kind cluster in a GitHub Actions workflow.

Full Changelog: step-security/harden-runner@v2...v2.10.1

v2.10.0

Compare Source

What's Changed

Release v2.10.0 by @​h0x0er and @​varunsh-coder in https://github.com/step-security/harden-runner/pull/455

ARM Support: Harden-Runner Enterprise tier now supports GitHub-hosted ARM runners. This includes all the features that apply to previously supported GitHub-hosted x64 Linux runners.

Full Changelog: step-security/harden-runner@v2...v2.10.0

v2.9.1

Compare Source

What's Changed

Release v2.9.1 by @​h0x0er and @​varunsh-coder in #​440
This release includes two changes:

  1. Updated markdown displayed in the job summary by the Harden-Runner Action.
  2. Fixed a bug affecting Enterprise Tier customers where the agent attempted to upload telemetry for jobs with disable-telemetry set to true. No telemetry was uploaded as the endpoint was not in the allowed list.

Full Changelog: step-security/harden-runner@v2...v2.9.1

v2.9.0

Compare Source

What's Changed

Release v2.9.0 by @​h0x0er and @​varunsh-coder in https://github.com/step-security/harden-runner/pull/435
This release includes:

  • Enterprise Tier - Telemetry Upload Enhancement:
    For the enterprise tier, this change helps overcome size constraints, allowing for more reliable telemetry uploads from the Harden-Runner agent to the StepSecurity backend API. No configuration change is needed to enable this.
  • Harden-Runner Agent Authentication:
    The Harden-Runner agent now uses a per-job key to authenticate to the StepSecurity backend API to submit telemetry. This change prevents the submission of telemetry data anonymously for a given job, improving the integrity of the data collection process. No configuration change is needed to enable this.
  • README Update:
    A Table of Contents has been added to the README file to improve navigation. This makes it easier for users to find the information they need quickly.
  • Dependency Update:
    Updated the braces npm package dependency to a non-vulnerable version. The vulnerability in braces did not affect the Harden Runner Action

Full Changelog: step-security/harden-runner@v2...v2.9.0

v2.8.1

Compare Source

What's Changed

Full Changelog: step-security/harden-runner@v2...v2.8.1

v2.8.0

Compare Source

What's Changed

Release v2.8.0 by @​h0x0er and @​varunsh-coder in https://github.com/step-security/harden-runner/pull/416
This release includes:

  • File Monitoring Enhancements: Adds the capability to view the name and path of every file written during the build process.
  • Process Tracking Enhancements: Adds the capability to view process names and arguments of processes run during the build process.

These enhancements are based on insights from the XZ Utils incident, aimed at improving observability and detections during the build process.

Full Changelog: step-security/harden-runner@v2...v2.8.0

v2.7.1

Compare Source

What's Changed

Release v2.7.1 by @​varunsh-coder, @​h0x0er, @​ashishkurmi in https://github.com/step-security/harden-runner/pull/397
This release:

  • Improves the capability to inspect outbound HTTPS traffic on GitHub-hosted and self-hosted VM runners
  • Updates README to add link to case study video on how Harden-Runner detected a supply chain attack on a Google open-source project
  • Addresses minor bugs

Full Changelog: step-security/harden-runner@v2.7.0...v2.7.1

v2.7.0

Compare Source

What's Changed

Release 2.7.0 by @​varunsh-coder and @​h0x0er in https://github.com/step-security/harden-runner/pull/376
This release:

  1. Updates the node runtime to node20
  2. Adds capability to inspect outbound HTTPS traffic on GitHub-hosted and self-hosted VM runners

Full Changelog: step-security/harden-runner@v2...v2.7.0

v2.6.1

Compare Source

What's Changed

Release v2.6.1 by @​varunsh-coder and @​h0x0er in https://github.com/step-security/harden-runner/pull/356
This release:

  1. Improves the job summary markdown written by the Harden-Runner Action
  2. Improves detection of cache endpoint used by the job
  3. Detects use of Kubernetes mode in Actions Runner Controller (ARC) based runners
  4. Updates dependencies

Full Changelog: step-security/harden-runner@v2...v2.6.1

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot requested a review from a team as a code owner November 19, 2023 21:11
@renovate renovate bot added dependencies Pull requests that update a dependency file github-actions labels Nov 19, 2023
@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 19, 2023
edited
Loading

Pull Request Test Coverage Report for Build 7761739698

  • 0 of 0 changed or added relevant lines in 0 files are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage remained the same at 79.167%
Totals Coverage Status
Change from base Build 6958577875: 0.0%
Covered Lines: 114
Relevant Lines: 144
💛 - Coveralls

@renovate renovate bot force-pushed the renovate/step-security-harden-runner-2.x branch from 60fd426 to 988bb4a Compare February 2, 2024 21:27
@renovate renovate bot changed the title chore(deps-dev): update step-security/harden-runner action to v2.6.1 chore(deps-dev): update step-security/harden-runner action to v2.7.0 Feb 2, 2024
@renovate renovate bot force-pushed the renovate/step-security-harden-runner-2.x branch from 988bb4a to 16613f5 Compare May 2, 2024 22:47
@renovate renovate bot changed the title chore(deps-dev): update step-security/harden-runner action to v2.7.0 chore(deps-dev): update step-security/harden-runner action to v2.7.1 May 2, 2024
@renovate renovate bot force-pushed the renovate/step-security-harden-runner-2.x branch from 16613f5 to a6cf4e4 Compare May 25, 2024 01:12
@renovate renovate bot changed the title chore(deps-dev): update step-security/harden-runner action to v2.7.1 chore(deps-dev): update step-security/harden-runner action to v2.8.0 May 25, 2024
@renovate renovate bot force-pushed the renovate/step-security-harden-runner-2.x branch from a6cf4e4 to 3548804 Compare June 10, 2024 16:16
@renovate renovate bot changed the title chore(deps-dev): update step-security/harden-runner action to v2.8.0 chore(deps-dev): update step-security/harden-runner action to v2.8.1 Jun 10, 2024
@renovate renovate bot force-pushed the renovate/step-security-harden-runner-2.x branch from 3548804 to ff62e7e Compare July 21, 2024 18:08
@renovate renovate bot changed the title chore(deps-dev): update step-security/harden-runner action to v2.8.1 chore(deps-dev): update step-security/harden-runner action to v2.9.0 Jul 21, 2024
@github-actions GitHub Actions
Copy link

github-actions bot commented Jul 21, 2024
edited
Loading

Pull Request Test Coverage Report for Build 12920580149

Details

  • 0 of 0 changed or added relevant lines in 0 files are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage remained the same at 79.167%
Totals Coverage Status
Change from base Build 6958577875: 0.0%
Covered Lines: 114
Relevant Lines: 144
💛 - Coveralls

@renovate renovate bot force-pushed the renovate/step-security-harden-runner-2.x branch from ff62e7e to d193822 Compare August 8, 2024 23:42
@renovate renovate bot changed the title chore(deps-dev): update step-security/harden-runner action to v2.9.0 chore(deps-dev): update step-security/harden-runner action to v2.9.1 Aug 8, 2024
@renovate renovate bot force-pushed the renovate/step-security-harden-runner-2.x branch from d193822 to 0f7ae7d Compare September 13, 2024 19:41
@renovate renovate bot changed the title chore(deps-dev): update step-security/harden-runner action to v2.9.1 chore(deps-dev): update step-security/harden-runner action to v2.10.0 Sep 13, 2024
@renovate renovate bot force-pushed the renovate/step-security-harden-runner-2.x branch from 0f7ae7d to d15f530 Compare September 14, 2024 07:45
@renovate renovate bot changed the title chore(deps-dev): update step-security/harden-runner action to v2.10.0 chore(deps-dev): update step-security/harden-runner action to v2.10.1 Sep 14, 2024
@renovate renovate bot force-pushed the renovate/step-security-harden-runner-2.x branch from d15f530 to 2468432 Compare November 21, 2024 21:12
@renovate renovate bot changed the title chore(deps-dev): update step-security/harden-runner action to v2.10.1 chore(deps-dev): update step-security/harden-runner action to v2.10.2 Nov 21, 2024
@renovate renovate bot force-pushed the renovate/step-security-harden-runner-2.x branch from 2468432 to e4abc7c Compare January 13, 2025 01:51
@renovate renovate bot changed the title chore(deps-dev): update step-security/harden-runner action to v2.10.2 chore(deps-dev): update step-security/harden-runner action to v2.10.3 Jan 13, 2025
@renovate renovate bot force-pushed the renovate/step-security-harden-runner-2.x branch from e4abc7c to b40f739 Compare January 23, 2025 01:45
@renovate renovate bot changed the title chore(deps-dev): update step-security/harden-runner action to v2.10.3 chore(deps-dev): update step-security/harden-runner action to v2.10.4 Jan 23, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file github-actions size/XS
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants