DeployHubProject/ms-cr-action (DeployHubProject/ms-cr-action)
### [`v1.2.78`](https://togithub.com/DeployHubProject/ms-cr-action/releases/tag/v1.2.78)
[Compare Source](https://togithub.com/DeployHubProject/ms-cr-action/compare/v1.2.77...v1.2.78)
##### [1.2.78](https://togithub.com/DeployHubProject/ms-cr-action/compare/v1.2.77...v1.2.78) (2024-07-19)
### [`v1.2.77`](https://togithub.com/DeployHubProject/ms-cr-action/releases/tag/v1.2.77)
[Compare Source](https://togithub.com/DeployHubProject/ms-cr-action/compare/v1.2.76...v1.2.77)
##### [1.2.77](https://togithub.com/DeployHubProject/ms-cr-action/compare/v1.2.76...v1.2.77) (2024-07-19)
step-security/harden-runner (step-security/harden-runner)
### [`v2.9.0`](https://togithub.com/step-security/harden-runner/releases/tag/v2.9.0)
[Compare Source](https://togithub.com/step-security/harden-runner/compare/v2.8.1...v2.9.0)
##### What's Changed
Release v2.9.0 by [@h0x0er](https://togithub.com/h0x0er) and [@varunsh-coder](https://togithub.com/varunsh-coder) in [https://github.com/step-security/harden-runner/pull/435](https://togithub.com/step-security/harden-runner/pull/435)
This release includes:
- Enterprise Tier - Telemetry Upload Enhancement:
For the enterprise tier, this change helps overcome size constraints, allowing for more reliable telemetry uploads from the Harden-Runner agent to the StepSecurity backend API. No configuration change is needed to enable this.
- Harden-Runner Agent Authentication:
The Harden-Runner agent now uses a per-job key to authenticate to the StepSecurity backend API to submit telemetry. This change prevents the submission of telemetry data anonymously for a given job, improving the integrity of the data collection process. No configuration change is needed to enable this.
- README Update:
A Table of Contents has been added to the README file to improve navigation. This makes it easier for users to find the information they need quickly.
- Dependency Update:
Updated the `braces` npm package dependency to a non-vulnerable version. The vulnerability in `braces` did not affect the Harden Runner Action
**Full Changelog**: https://github.com/step-security/harden-runner/compare/v2...v2.9.0
Configuration
📅 Schedule: Branch creation - "every 1 hours every weekday" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Enabled.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.
[ ] If you want to rebase/retry this PR, check this box
This PR contains the following updates:
v1.2.76
->v1.2.78
v2.8.1
->v2.9.0
Release Notes
DeployHubProject/ms-cr-action (DeployHubProject/ms-cr-action)
### [`v1.2.78`](https://togithub.com/DeployHubProject/ms-cr-action/releases/tag/v1.2.78) [Compare Source](https://togithub.com/DeployHubProject/ms-cr-action/compare/v1.2.77...v1.2.78) ##### [1.2.78](https://togithub.com/DeployHubProject/ms-cr-action/compare/v1.2.77...v1.2.78) (2024-07-19) ### [`v1.2.77`](https://togithub.com/DeployHubProject/ms-cr-action/releases/tag/v1.2.77) [Compare Source](https://togithub.com/DeployHubProject/ms-cr-action/compare/v1.2.76...v1.2.77) ##### [1.2.77](https://togithub.com/DeployHubProject/ms-cr-action/compare/v1.2.76...v1.2.77) (2024-07-19)step-security/harden-runner (step-security/harden-runner)
### [`v2.9.0`](https://togithub.com/step-security/harden-runner/releases/tag/v2.9.0) [Compare Source](https://togithub.com/step-security/harden-runner/compare/v2.8.1...v2.9.0) ##### What's Changed Release v2.9.0 by [@h0x0er](https://togithub.com/h0x0er) and [@varunsh-coder](https://togithub.com/varunsh-coder) in [https://github.com/step-security/harden-runner/pull/435](https://togithub.com/step-security/harden-runner/pull/435) This release includes: - Enterprise Tier - Telemetry Upload Enhancement: For the enterprise tier, this change helps overcome size constraints, allowing for more reliable telemetry uploads from the Harden-Runner agent to the StepSecurity backend API. No configuration change is needed to enable this. - Harden-Runner Agent Authentication: The Harden-Runner agent now uses a per-job key to authenticate to the StepSecurity backend API to submit telemetry. This change prevents the submission of telemetry data anonymously for a given job, improving the integrity of the data collection process. No configuration change is needed to enable this. - README Update: A Table of Contents has been added to the README file to improve navigation. This makes it easier for users to find the information they need quickly. - Dependency Update: Updated the `braces` npm package dependency to a non-vulnerable version. The vulnerability in `braces` did not affect the Harden Runner Action **Full Changelog**: https://github.com/step-security/harden-runner/compare/v2...v2.9.0Configuration
📅 Schedule: Branch creation - "every 1 hours every weekday" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Enabled.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.
This PR was generated by Mend Renovate. View the repository job log.