Skip to content

chore(deps): update step-security/harden-runner action to v2.14.2#391

Merged
RoseSecurity merged 1 commit intomainfrom
renovate/step-security-harden-runner-2.x
Feb 8, 2026
Merged

chore(deps): update step-security/harden-runner action to v2.14.2#391
RoseSecurity merged 1 commit intomainfrom
renovate/step-security-harden-runner-2.x

Conversation

@renovate
Copy link
Contributor

@renovate renovate bot commented Feb 7, 2026

This PR contains the following updates:

Package Type Update Change
step-security/harden-runner action patch v2.14.1v2.14.2

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.


Release Notes

step-security/harden-runner (step-security/harden-runner)

v2.14.2

Compare Source

What's Changed

Security fix: Fixed a medium severity vulnerability where outbound network connections using sendto, sendmsg, and sendmmsg socket system calls could bypass audit logging when using egress-policy: audit. This issue only affects the Community Tier in audit mode; block mode and Enterprise Tier were not affected. See GHSA-cpmj-h4f6-r6pq for details.

Full Changelog: step-security/harden-runner@v2.14.1...v2.14.2


Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot requested a review from RoseSecurity as a code owner February 7, 2026 05:59
@CLAassistant
Copy link

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
You have signed the CLA already but the status is still pending? Let us recheck it.

@renovate renovate bot force-pushed the renovate/step-security-harden-runner-2.x branch from 802fdd5 to 4913dd2 Compare February 7, 2026 19:52
@RoseSecurity RoseSecurity merged commit 7bf0c9b into main Feb 8, 2026
7 of 8 checks passed
@RoseSecurity RoseSecurity deleted the renovate/step-security-harden-runner-2.x branch February 8, 2026 01:02
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants