Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update allowed connections lists #1597

Merged
merged 7 commits into from
Jan 15, 2024
Merged

Update allowed connections lists #1597

Show file tree
Hide file tree
Changes from 5 commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
ac85c67
update allowed sockets
Zeitsperre Jan 15, 2024
393f083
add exceptions for markdown templates
Zeitsperre Jan 15, 2024
d18fd95
update black socket exceptions
Zeitsperre Jan 15, 2024
ac0f5fd
Merge branch 'master' into update-sockets
Zeitsperre Jan 15, 2024
000c80a
Merge branch 'master' into update-sockets
Zeitsperre Jan 15, 2024
cf37633
update CHANGES.rst
Zeitsperre Jan 15, 2024
4d77bb3
Merge remote-tracking branch 'origin/update-sockets' into update-sockets
Zeitsperre Jan 15, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 5 additions & 1 deletion .github/workflows/add-to-project.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,11 @@ jobs:
- name: Harden Runner
uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1
with:
egress-policy: audit
disable-sudo: true
egress-policy: block
allowed-endpoints: >
api.github.com:443

- uses: actions/[email protected]
with:
project-url: https://github.com/orgs/Ouranosinc/projects/6
Expand Down
8 changes: 7 additions & 1 deletion .github/workflows/bump-version.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@ on:
- master
paths-ignore:
- .*
- .github/*/*.md
- .github/*/*.yml
- CHANGES.rst
- Makefile
Expand Down Expand Up @@ -36,7 +37,12 @@ jobs:
- name: Harden Runner
uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1
with:
egress-policy: audit
disable-sudo: true
egress-policy: block
allowed-endpoints: >
files.pythonhosted.org:443
github.com:443
pypi.org:443
- uses: actions/[email protected]
with:
persist-credentials: false
Expand Down
10 changes: 9 additions & 1 deletion .github/workflows/codeql-analysis.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,15 @@ jobs:
- name: Harden Runner
uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1
with:
egress-policy: audit
disable-sudo: true
egress-policy: block
allowed-endpoints: >
api.github.com:443
files.pythonhosted.org:443
github.com:443
objects.githubusercontent.com:443
pypi.org:443
uploads.github.com:443
- name: Checkout repository
uses: actions/[email protected]
# Initializes the CodeQL tools for scanning.
Expand Down
2 changes: 2 additions & 0 deletions .github/workflows/dependency-review.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,9 @@ jobs:
allowed-endpoints: >
api.github.com:443
github.com:443

- name: 'Checkout Repository'
uses: actions/[email protected]

- name: 'Dependency Review'
uses: actions/[email protected]
5 changes: 4 additions & 1 deletion .github/workflows/first_pull_request.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,10 @@ jobs:
- name: Harden Runner
uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1
with:
egress-policy: audit
disable-sudo: true
egress-policy: block
allowed-endpoints: >
api.github.com:443

- uses: actions/[email protected]
with:
Expand Down
6 changes: 5 additions & 1 deletion .github/workflows/label_on_approval.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,11 @@ jobs:
- name: Harden Runner
uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1
with:
egress-policy: audit
disable-sudo: true
egress-policy: block
allowed-endpoints: >
api.github.com:443

- name: Label Approved
uses: actions/[email protected]
with:
Expand Down
7 changes: 6 additions & 1 deletion .github/workflows/main.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -46,7 +46,12 @@ jobs:
- name: Harden Runner
uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1
with:
egress-policy: audit
disable-sudo: true
egress-policy: block
allowed-endpoints: >
files.pythonhosted.org:443
github.com:443
pypi.org:443
- uses: actions/[email protected]
- name: Set up Python${{ matrix.python-version }}
uses: actions/[email protected]
Expand Down
3 changes: 3 additions & 0 deletions .github/workflows/upstream.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -46,11 +46,14 @@ jobs:
egress-policy: block
allowed-endpoints: >
api.github.com:443
conda.anaconda.org:443
dap.service.does.not.exist:443
files.pythonhosted.org:443
github.com:443
objects.githubusercontent.com:443
pypi.org:443
raw.githubusercontent.com:443
repo.anaconda.com:443
- uses: actions/[email protected]
with:
fetch-depth: 0 # Fetch all history for all branches and tags.
Expand Down
Loading