starred/hardening
1
0
Fork 0
mirror of https://github.com/konstruktoid/hardening.git synced 2026-04-26 01:05:56 +03:00
Code Issues 6 Projects Releases 4 Packages Wiki Activity

[PR #627] [CLOSED] chore(deps): update step-security/harden-runner action to v2.12.1 - autoclosed #626

New issue
Closed
opened 2026-03-03 14:32:02 +03:00 by kerem · 0 comments
kerem commented 2026-03-03 14:32:02 +03:00
Owner
Copy link

📋 Pull Request Information

Original PR: https://github.com/konstruktoid/hardening/pull/627
Author: @renovate[bot]
Created: 6/11/2025
Status: Closed

Base: masterHead: renovate/step-security-harden-runner-2.x

📝 Commits (1)

  • 8658883 chore(deps): update step-security/harden-runner action to v2.12.1

📊 Changes

5 files changed (+5 additions, -5 deletions)

View changed files

📝 .github/workflows/dependency-review.yml (+1 -1)
📝 .github/workflows/issues.yml (+1 -1)
📝 .github/workflows/scorecards.yml (+1 -1)
📝 .github/workflows/shellcheck.yml (+1 -1)
📝 .github/workflows/slsa.yml (+1 -1)

📄 Description

This PR contains the following updates:

Package Type Update Change
step-security/harden-runner action patch v2.12.0 -> v2.12.1

Release Notes

step-security/harden-runner (step-security/harden-runner)

v2.12.1

Compare Source

What's Changed
  • Detection capabilities have been upgraded to better recognize attempts at runner tampering. These improvements are informed by real-world incident learnings, including analysis of anomalous behaviors observed in the tj-actions and reviewdog supply chain attack.
  • Resolved an issue where the block policy was not enforced correctly when the GitHub Actions job was running inside a container on a self-hosted VM runner.

Full Changelog: https://github.com/step-security/harden-runner/compare/v2...v2.12.1

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.

## 📋 Pull Request Information **Original PR:** https://github.com/konstruktoid/hardening/pull/627 **Author:** [@renovate[bot]](https://github.com/apps/renovate) **Created:** 6/11/2025 **Status:** ❌ Closed **Base:** `master` ← **Head:** `renovate/step-security-harden-runner-2.x` --- ### 📝 Commits (1) - [`8658883`](https://github.com/konstruktoid/hardening/commit/865888336809974d30bdc34f0beadf1ef532f11f) chore(deps): update step-security/harden-runner action to v2.12.1 ### 📊 Changes **5 files changed** (+5 additions, -5 deletions) <details> <summary>View changed files</summary> 📝 `.github/workflows/dependency-review.yml` (+1 -1) 📝 `.github/workflows/issues.yml` (+1 -1) 📝 `.github/workflows/scorecards.yml` (+1 -1) 📝 `.github/workflows/shellcheck.yml` (+1 -1) 📝 `.github/workflows/slsa.yml` (+1 -1) </details> ### 📄 Description This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [step-security/harden-runner](https://redirect.github.com/step-security/harden-runner) | action | patch | `v2.12.0` -> `v2.12.1` | --- ### Release Notes <details> <summary>step-security/harden-runner (step-security/harden-runner)</summary> ### [`v2.12.1`](https://redirect.github.com/step-security/harden-runner/releases/tag/v2.12.1) [Compare Source](https://redirect.github.com/step-security/harden-runner/compare/v2.12.0...v2.12.1) ##### What's Changed - Detection capabilities have been upgraded to better recognize attempts at runner tampering. These improvements are informed by real-world incident learnings, including analysis of anomalous behaviors observed in the tj-actions and reviewdog supply chain attack. - Resolved an issue where the block policy was not enforced correctly when the GitHub Actions job was running inside a container on a self-hosted VM runner. **Full Changelog**: https://github.com/step-security/harden-runner/compare/v2...v2.12.1 </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/konstruktoid/hardening). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0MC40OC41IiwidXBkYXRlZEluVmVyIjoiNDAuNDguNSIsInRhcmdldEJyYW5jaCI6Im1hc3RlciIsImxhYmVscyI6W119--> --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>
kerem 2026-03-03 14:32:02 +03:00
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
renovate/github-codeql-action-4.x
v2.2.0
v2.1.0
v2.0.0
v1.0.0
v1.0
Labels
Clear labels   
Stale

   
bug

   
bug

   
bug

   
pull-request

Mirrored from GitHub Pull Request

No labels
Stale
bug
bug
bug
pull-request
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/hardening#626
No description provided.