Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Upgrade step-security/harden-runner v2.10.1 -> v2.10.2 #1428

Merged
merged 1 commit into from
Dec 2, 2024
Merged

Upgrade step-security/harden-runner v2.10.1 -> v2.10.2 #1428

merged 1 commit into from
Dec 2, 2024

Conversation

Picnic-DevPla-Bot
Copy link
Contributor

@Picnic-DevPla-Bot Picnic-DevPla-Bot commented Nov 19, 2024
edited
Loading

This PR contains the following updates:

Package Type Update Change
step-security/harden-runner action patch v2.10.1 -> v2.10.2

Release Notes

step-security/harden-runner (step-security/harden-runner)

v2.10.2

Compare Source

What's Changed

  1. Fixes low-severity command injection weaknesses
    The advisory is here: GHSA-g85v-wf27-67xc

  2. Bug fix to improve detection of whether Harden-Runner is running in a container

Full Changelog: step-security/harden-runner@v2...v2.10.2

  • If you want to rebase/retry this PR, check this box

@Picnic-DevPla-Bot
Copy link
Contributor Author

Picnic-DevPla-Bot commented Nov 19, 2024
edited by Stephan202
Loading

Suggested commit message:

Upgrade step-security/harden-runner v2.10.1 -> v2.10.2 (#1428)

See:
- https://github.com/step-security/harden-runner/releases/tag/v2.10.2

@github-actions GitHub Actions
Copy link

Looks good. No mutations were possible for these changes.
Mutation testing report by Pitest. Review any surviving mutants by inspecting the line comments under Files changed.

@Stephan202 Stephan202 added this to the 0.20.0 milestone Nov 19, 2024
@Picnic-DevPla-Bot Picnic-DevPla-Bot force-pushed the renovate/step-security-harden-runner-2.x branch 3 times, most recently from a163353 to 67ab416 Compare November 28, 2024 02:03
@Picnic-DevPla-Bot Picnic-DevPla-Bot force-pushed the renovate/step-security-harden-runner-2.x branch 2 times, most recently from 9158a62 to 57e0a62 Compare December 2, 2024 02:20
@rickie rickie force-pushed the renovate/step-security-harden-runner-2.x branch from 57e0a62 to 72655e9 Compare December 2, 2024 09:06
@github-actions GitHub Actions
Copy link

github-actions bot commented Dec 2, 2024

Looks good. No mutations were possible for these changes.
Mutation testing report by Pitest. Review any surviving mutants by inspecting the line comments under Files changed.

@sonarcloud SonarCloud
Copy link

sonarcloud bot commented Dec 2, 2024

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@rickie rickie merged commit 1024f0e into master Dec 2, 2024
16 checks passed
@rickie rickie deleted the renovate/step-security-harden-runner-2.x branch December 2, 2024 09:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rickie rickie rickie approved these changes

@Stephan202 Stephan202 Stephan202 approved these changes

Assignees
No one assigned
Labels
dependencies
Milestone
0.20.0
Development

Successfully merging this pull request may close these issues.
3 participants
@Picnic-DevPla-Bot @Stephan202 @rickie