Skip to content
Dependency Review

Bump step-security/harden-runner from 2.7.1 to 2.8.0 #46

Sign in to view logs

Bump step-security/harden-runner from 2.7.1 to 2.8.0

Bump step-security/harden-runner from 2.7.1 to 2.8.0 #46

Workflow file for this run

.github/workflows/dependency-review.yml at d14a663
name: Dependency Review
on:
pull_request:
branches: main
permissions:
contents: read
jobs:
dependency-review:
if: ${{ github.repository_owner == 'ihub-pub' }}
permissions:
contents: read
name: Dependency Review Scan
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0
with:
disable-sudo: true
egress-policy: audit
- name: 'Checkout Repository'
uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
- name: 'Dependency Review'
uses: actions/dependency-review-action@0c155c5e8556a497adf53f2c18edabf945ed8e70 # v4.3.2