File tree Expand file tree Collapse file tree 2 files changed +29
-6
lines changed
Expand file tree Collapse file tree 2 files changed +29
-6
lines changed Original file line number Diff line number Diff line change 55 github :
66 runs-on : ubuntu-latest
77 steps :
8- - uses : actions/checkout@v2
8+ - name : Harden the runner (Audit all outbound calls)
9+ uses : step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911 # v2.13.0
10+ with :
11+ egress-policy : audit
12+
13+ - uses : actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2.7.0
914 with : { fetch-depth: 0 }
1015 - run : npm run -s relnotes | tee relnotes.txt
11- - uses : jasonkarns/create-release@master
16+ - uses : jasonkarns/create-release@9249b73e127bea00eb6f2caa7244657983df0557 # master
1217 with : { body_path: relnotes.txt }
1318
1419 homebrew :
1520 runs-on : ubuntu-latest
1621 steps :
17- - uses : mislav/bump-homebrew-formula-action@v1
22+ - name : Harden the runner (Audit all outbound calls)
23+ uses : step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911 # v2.13.0
24+ with :
25+ egress-policy : audit
26+
27+ - uses : mislav/bump-homebrew-formula-action@21991dc8f899341b552c9842957677139a340980 # v1.16
1828 with : { formula-name: nodenv }
1929 env :
2030 COMMITTER_TOKEN : ${{ secrets.BOT_TOKEN }}
2131
2232 npm :
2333 runs-on : ubuntu-latest
2434 steps :
25- - uses : actions/checkout@v2
26- - uses : actions/setup-node@v1
35+ - name : Harden the runner (Audit all outbound calls)
36+ uses : step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911 # v2.13.0
37+ with :
38+ egress-policy : audit
39+
40+ - uses : actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2.7.0
41+ - uses : actions/setup-node@f1f314fca9dfce2769ece7d933488f076716723e # v1.4.6
2742 with :
2843 scope : nodenv
2944 registry-url : https://registry.npmjs.org
Original file line number Diff line number Diff line change 11name : Test
22on : [push, pull_request]
33
4+ permissions :
5+ contents : read
6+
47jobs :
58 test :
69 runs-on : ubuntu-latest
710
811 steps :
9- - uses : actions/checkout@v2
12+ - name : Harden the runner (Audit all outbound calls)
13+ uses : step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911 # v2.13.0
14+ with :
15+ egress-policy : audit
16+
17+ - uses : actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2.7.0
1018 - run : npm cit
You can’t perform that action at this time.
0 commit comments