Merge pull request #122 from MaineDSA/dependabot/github_actions/step-security/harden-runner-2.16.1

bmos · web-flow · commit b13bf6dc3b03 · 2026-04-02T07:34:17.000-04:00
Bump step-security/harden-runner from 2.16.0 to 2.16.1
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
@@ -27,7 +27,7 @@ jobs:
           - python
 
     steps:
-      - uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594
+      - uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d
         with:
           disable-sudo: true
           egress-policy: block
diff --git a/.github/workflows/coverage.yml b/.github/workflows/coverage.yml
@@ -31,7 +31,7 @@ jobs:
         steps:
             # DO NOT run actions/checkout here, for security reasons
             # For details, refer to https://securitylab.github.com/research/github-actions-preventing-pwn-requests/
-            - uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594
+            - uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d
               with:
                 disable-sudo: false
                 egress-policy: audit
diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml
@@ -11,7 +11,7 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-      - uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594
+      - uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d
         with:
           disable-sudo: true
           egress-policy: block
