[PR #488] [MERGED] build(deps): bump step-security/harden-runner from 2.9.1 to 2.10.1 #497

New issue

Closed

opened 2026-03-03 14:31:26 +03:00 by kerem · 0 comments

kerem commented 2026-03-03 14:31:26 +03:00

Owner

Copy link

📋 Pull Request Information

Original PR: https://github.com/konstruktoid/hardening/pull/488
Author: @dependabot[bot]
Created: 9/12/2024
Status: ✅ Merged
Merged: 9/12/2024
Merged by: @konstruktoid

Base: master ← Head: dependabot/github_actions/step-security/harden-runner-2.10.1

---

📝 Commits (1)

• a511773 build(deps): bump step-security/harden-runner from 2.9.1 to 2.10.1

📊 Changes

5 files changed (+5 additions, -5 deletions)

View changed files

📝 .github/workflows/dependency-review.yml (+1 -1)
📝 .github/workflows/issues.yml (+1 -1)
📝 .github/workflows/scorecards.yml (+1 -1)
📝 .github/workflows/shellcheck.yml (+1 -1)
📝 .github/workflows/slsa.yml (+1 -1)

📄 Description

Bumps step-security/harden-runner from 2.9.1 to 2.10.1.

Release notes

Sourced from step-security/harden-runner's releases.

v2.10.1

What's Changed

Release v2.10.1 by @​varunsh-coder in step-security/harden-runner#463 Bug fix: Resolves an issue where DNS resolution of .local domains was failing when using a Kind cluster in a GitHub Actions workflow.

Full Changelog: https://github.com/step-security/harden-runner/compare/v2...v2.10.1

v2.10.0

What's Changed

Release v2.10.0 by @​h0x0er and @​varunsh-coder in step-security/harden-runner#455

ARM Support: Harden-Runner Enterprise tier now supports GitHub-hosted ARM runners. This includes all the features that apply to previously supported GitHub-hosted x64 Linux runners.

Full Changelog: https://github.com/step-security/harden-runner/compare/v2...v2.10.0

Commits

• 91182cc Merge pull request #463 from step-security/rc-14
• 59ec1c6 Update agent
• 1d23703 Merge pull request #461 from step-security/varunsh-coder-patch-1
• b03bdda Update README.md
• 3d8dd68 Update README.md
• 446798f Merge pull request #455 from step-security/rc-12
• f0d3b1e Update agent
• b7880a2 update dist
• dade49e Merge pull request #456 from h0x0er/arm-support
• d6248be bump enterprise agent version
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

---

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/konstruktoid/hardening/pull/488 **Author:** [@dependabot[bot]](https://github.com/apps/dependabot) **Created:** 9/12/2024 **Status:** ✅ Merged **Merged:** 9/12/2024 **Merged by:** [@konstruktoid](https://github.com/konstruktoid) **Base:** `master` ← **Head:** `dependabot/github_actions/step-security/harden-runner-2.10.1` --- ### 📝 Commits (1) - [`a511773`](https://github.com/konstruktoid/hardening/commit/a511773b2bd61e3a312fc554da4ac319ab63bb46) build(deps): bump step-security/harden-runner from 2.9.1 to 2.10.1 ### 📊 Changes **5 files changed** (+5 additions, -5 deletions) <details> <summary>View changed files</summary> 📝 `.github/workflows/dependency-review.yml` (+1 -1) 📝 `.github/workflows/issues.yml` (+1 -1) 📝 `.github/workflows/scorecards.yml` (+1 -1) 📝 `.github/workflows/shellcheck.yml` (+1 -1) 📝 `.github/workflows/slsa.yml` (+1 -1) </details> ### 📄 Description Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.9.1 to 2.10.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's releases</a>.</em></p> <blockquote> <h2>v2.10.1</h2> <h2>What's Changed</h2> <p>Release v2.10.1 by <a href="https://github.com/varunsh-coder"><code>@​varunsh-coder</code></a> in <a href="https://redirect.github.com/step-security/harden-runner/pull/463">step-security/harden-runner#463</a> Bug fix: Resolves an issue where DNS resolution of .local domains was failing when using a Kind cluster in a GitHub Actions workflow.</p> <p><strong>Full Changelog</strong>: <a href="https://github.com/step-security/harden-runner/compare/v2...v2.10.1">https://github.com/step-security/harden-runner/compare/v2...v2.10.1</a></p> <h2>v2.10.0</h2> <h2>What's Changed</h2> <p>Release v2.10.0 by <a href="https://github.com/h0x0er"><code>@​h0x0er</code></a> and <a href="https://github.com/varunsh-coder"><code>@​varunsh-coder</code></a> in <a href="https://redirect.github.com/step-security/harden-runner/pull/455">step-security/harden-runner#455</a></p> <p><strong>ARM Support</strong>: Harden-Runner Enterprise tier now supports GitHub-hosted ARM runners. This includes all the features that apply to previously supported GitHub-hosted x64 Linux runners.</p> <p><strong>Full Changelog</strong>: <a href="https://github.com/step-security/harden-runner/compare/v2...v2.10.0">https://github.com/step-security/harden-runner/compare/v2...v2.10.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/step-security/harden-runner/commit/91182cccc01eb5e619899d80e4e971d6181294a7"><code>91182cc</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/463">#463</a> from step-security/rc-14</li> <li><a href="https://github.com/step-security/harden-runner/commit/59ec1c63417a5941b4c199e9e522f0756d2ab11b"><code>59ec1c6</code></a> Update agent</li> <li><a href="https://github.com/step-security/harden-runner/commit/1d2370362ea3d554c02ef9fa23b17f4a84d7949b"><code>1d23703</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/461">#461</a> from step-security/varunsh-coder-patch-1</li> <li><a href="https://github.com/step-security/harden-runner/commit/b03bddaa058e19a340af7befb2de4ddd76e4a7d7"><code>b03bdda</code></a> Update README.md</li> <li><a href="https://github.com/step-security/harden-runner/commit/3d8dd68e5758262d38de5cca3cbdc85addbbc28d"><code>3d8dd68</code></a> Update README.md</li> <li><a href="https://github.com/step-security/harden-runner/commit/446798f8213ac2e75931c1b0769676d927801858"><code>446798f</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/455">#455</a> from step-security/rc-12</li> <li><a href="https://github.com/step-security/harden-runner/commit/f0d3b1eb1ba908b9f69f8af7b0ab2ab59e2bfc1c"><code>f0d3b1e</code></a> Update agent</li> <li><a href="https://github.com/step-security/harden-runner/commit/b7880a2f96f65eea5c1b21cd4cef1a91b6c32471"><code>b7880a2</code></a> update dist</li> <li><a href="https://github.com/step-security/harden-runner/commit/dade49eade63e2277d55bb16749465b195246a6f"><code>dade49e</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/456">#456</a> from h0x0er/arm-support</li> <li><a href="https://github.com/step-security/harden-runner/commit/d6248bed80ff04443fd77c64092e77520ceed2c9"><code>d6248be</code></a> bump enterprise agent version</li> <li>Additional commits viewable in <a href="https://github.com/step-security/harden-runner/compare/5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde...91182cccc01eb5e619899d80e4e971d6181294a7">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --- _{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

kerem 2026-03-03 14:31:26 +03:00

• closed this issue
• added the
  pull-request
  label

kerem referenced this issue 2026-03-03 14:31:29 +03:00

[PR #497] [MERGED] chore(deps): update actions/checkout action to v4.2.1 #506

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

master

renovate/github-codeql-action-4.x

v2.2.0

v2.1.0

v2.0.0

v1.0.0

v1.0

Labels

Clear labels   

Stale

  

bug

  

bug

  

bug

  

pull-request

Mirrored from GitHub Pull Request

No labels

Stale

bug

bug

bug

pull-request

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/hardening#497

No description provided.