actions/checkout
### [`v3.5.2`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v352)
[Compare Source](https://togithub.com/actions/checkout/compare/v3.5.1...v3.5.2)
- [Fix api endpoint for GHES](https://togithub.com/actions/checkout/pull/1289)
### [`v3.5.1`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v351)
[Compare Source](https://togithub.com/actions/checkout/compare/v3.5.0...v3.5.1)
- [Fix slow checkout on Windows](https://togithub.com/actions/checkout/pull/1246)
### [`v3.5.0`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v350)
[Compare Source](https://togithub.com/actions/checkout/compare/v3.4.0...v3.5.0)
- [Add new public key for known_hosts](https://togithub.com/actions/checkout/pull/1237)
### [`v3.4.0`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v340)
[Compare Source](https://togithub.com/actions/checkout/compare/v3.3.0...v3.4.0)
- [Upgrade codeql actions to v2](https://togithub.com/actions/checkout/pull/1209)
- [Upgrade dependencies](https://togithub.com/actions/checkout/pull/1210)
- [Upgrade @actions/io](https://togithub.com/actions/checkout/pull/1225)
github/codeql-action
### [`v2.3.2`](https://togithub.com/github/codeql-action/compare/v2.3.1...v2.3.2)
[Compare Source](https://togithub.com/github/codeql-action/compare/v2.3.1...v2.3.2)
### [`v2.3.1`](https://togithub.com/github/codeql-action/compare/v2.3.0...v2.3.1)
[Compare Source](https://togithub.com/github/codeql-action/compare/v2.3.0...v2.3.1)
### [`v2.3.0`](https://togithub.com/github/codeql-action/compare/v2.2.12...v2.3.0)
[Compare Source](https://togithub.com/github/codeql-action/compare/v2.2.12...v2.3.0)
### [`v2.2.12`](https://togithub.com/github/codeql-action/compare/v2.2.11...v2.2.12)
[Compare Source](https://togithub.com/github/codeql-action/compare/v2.2.11...v2.2.12)
### [`v2.2.11`](https://togithub.com/github/codeql-action/compare/v2.2.10...v2.2.11)
[Compare Source](https://togithub.com/github/codeql-action/compare/v2.2.10...v2.2.11)
### [`v2.2.10`](https://togithub.com/github/codeql-action/compare/v2.2.9...v2.2.10)
[Compare Source](https://togithub.com/github/codeql-action/compare/v2.2.9...v2.2.10)
### [`v2.2.9`](https://togithub.com/github/codeql-action/compare/v2.2.8...v2.2.9)
[Compare Source](https://togithub.com/github/codeql-action/compare/v2.2.8...v2.2.9)
### [`v2.2.8`](https://togithub.com/github/codeql-action/compare/v2.2.7...v2.2.8)
[Compare Source](https://togithub.com/github/codeql-action/compare/v2.2.7...v2.2.8)
### [`v2.2.7`](https://togithub.com/github/codeql-action/compare/v2.2.6...v2.2.7)
[Compare Source](https://togithub.com/github/codeql-action/compare/v2.2.6...v2.2.7)
### [`v2.2.6`](https://togithub.com/github/codeql-action/compare/v2.2.5...v2.2.6)
[Compare Source](https://togithub.com/github/codeql-action/compare/v2.2.5...v2.2.6)
ossf/scorecard-action
### [`v2.1.3`](https://togithub.com/ossf/scorecard-action/releases/tag/v2.1.3)
[Compare Source](https://togithub.com/ossf/scorecard-action/compare/v2.1.2...v2.1.3)
#### What's Changed
- π± Bump github.com/ossf/scorecard/v4 from 4.10.2 to 4.10.5 by [@spencerschrock](https://togithub.com/spencerschrock) in [https://github.com/ossf/scorecard-action/pull/1111](https://togithub.com/ossf/scorecard-action/pull/1111)
##### Bug Fixes
- Invalid SARIF files from a bug in scorecard
- [#1076](https://togithub.com/ossf/scorecard-action/issues/1076), [#1094](https://togithub.com/ossf/scorecard-action/issues/1094)
- Vulnerabilities check crashes if a vulnerable dependency is found via OSVScanner
- [#1092](https://togithub.com/ossf/scorecard-action/issues/1092)
- Scorecard action not reporting binary artifacts in the repo
- [#1116](https://togithub.com/ossf/scorecard-action/issues/1116)
**Full Scorecard Changelog**: https://github.com/ossf/scorecard/compare/v4.10.2...v4.10.5
**Full Changelog**: https://github.com/ossf/scorecard-action/compare/v2.1.2...v2.1.3
step-security/harden-runner
### [`v2.3.1`](https://togithub.com/step-security/harden-runner/releases/tag/v2.3.1)
[Compare Source](https://togithub.com/step-security/harden-runner/compare/v2.3.0...v2.3.1)
##### What's Changed
- Release v2.3.1 by [@arjundashrath](https://togithub.com/arjundashrath) and [@varunsh-coder](https://togithub.com/varunsh-coder) in [https://github.com/step-security/harden-runner/pull/281](https://togithub.com/step-security/harden-runner/pull/281)
Fixes [#279](https://togithub.com/step-security/harden-runner/issues/279) and [#275](https://togithub.com/step-security/harden-runner/issues/275)
- Update README.md by [@varunsh-coder](https://togithub.com/varunsh-coder) in [https://github.com/step-security/harden-runner/pull/267](https://togithub.com/step-security/harden-runner/pull/267)
- Bump step-security/harden-runner from 2.2.1 to 2.3.0 by [@dependabot](https://togithub.com/dependabot) in [https://github.com/step-security/harden-runner/pull/268](https://togithub.com/step-security/harden-runner/pull/268)
- Bump codecov/codecov-action from 3.1.1 to 3.1.2 by [@dependabot](https://togithub.com/dependabot) in [https://github.com/step-security/harden-runner/pull/273](https://togithub.com/step-security/harden-runner/pull/273)
- Bump ossf/scorecard-action from 2.1.2 to 2.1.3 by [@dependabot](https://togithub.com/dependabot) in [https://github.com/step-security/harden-runner/pull/265](https://togithub.com/step-security/harden-runner/pull/265)
- Bump actions/checkout from 3.3.0 to 3.5.0 by [@dependabot](https://togithub.com/dependabot) in [https://github.com/step-security/harden-runner/pull/261](https://togithub.com/step-security/harden-runner/pull/261)
- Bump github/codeql-action from 2.2.6 to 2.2.11 by [@dependabot](https://togithub.com/dependabot) in [https://github.com/step-security/harden-runner/pull/270](https://togithub.com/step-security/harden-runner/pull/270)
**Full Changelog**: https://github.com/step-security/harden-runner/compare/v2...v2.3.1
### [`v2.3.0`](https://togithub.com/step-security/harden-runner/releases/tag/v2.3.0)
[Compare Source](https://togithub.com/step-security/harden-runner/compare/v2.2.1...v2.3.0)
##### What's Changed
- Enable setting policy via insights website ([link to documentation](https://docs.stepsecurity.io/harden-runner/how-tos/block-egress-traffic#2-add-the-policy-using-the-policy-store)) by [@h0x0er](https://togithub.com/h0x0er) and [@varunsh-coder](https://togithub.com/varunsh-coder) in [https://github.com/step-security/harden-runner/pull/266](https://togithub.com/step-security/harden-runner/pull/266)
The Policy Store helps you manage Harden Runner policies without altering your workflow files.
- Update README.md by [@varunsh-coder](https://togithub.com/varunsh-coder) in [https://github.com/step-security/harden-runner/pull/255](https://togithub.com/step-security/harden-runner/pull/255)
- Bump github/codeql-action from 2.2.4 to 2.2.6 by [@dependabot](https://togithub.com/dependabot) in [https://github.com/step-security/harden-runner/pull/254](https://togithub.com/step-security/harden-runner/pull/254)
- Bump step-security/harden-runner from 2.2.0 to 2.2.1 by [@dependabot](https://togithub.com/dependabot) in [https://github.com/step-security/harden-runner/pull/256](https://togithub.com/step-security/harden-runner/pull/256)
**Full Changelog**: https://github.com/step-security/harden-runner/compare/v2...v2.3.0
### [`v2.2.1`](https://togithub.com/step-security/harden-runner/releases/tag/v2.2.1)
[Compare Source](https://togithub.com/step-security/harden-runner/compare/v2.2.0...v2.2.1)
#### What's Changed
- Fix issue to get cache endpoint by [@h0x0er](https://togithub.com/h0x0er) in [https://github.com/step-security/harden-runner/pull/253](https://togithub.com/step-security/harden-runner/pull/253)
Harden runner has the ability to automatically detect the cache endpoint used by each job. When Harden runner is used in block mode, this endpoint is added to the list of allowed endpoints. A fix has been implemented to improve this feature by updating the logic used to fetch the cache endpoint. This update involves using code from the actions/cache library to ensure the endpoint is properly retrieved.
- Update README.md by [@varunsh-coder](https://togithub.com/varunsh-coder) in [https://github.com/step-security/harden-runner/pull/247](https://togithub.com/step-security/harden-runner/pull/247)
- Bump step-security/harden-runner from 2.1.0 to 2.2.0 by [@dependabot](https://togithub.com/dependabot) in [https://github.com/step-security/harden-runner/pull/248](https://togithub.com/step-security/harden-runner/pull/248)
- Bump github/codeql-action from 2.1.38 to 2.2.4 by [@dependabot](https://togithub.com/dependabot) in [https://github.com/step-security/harden-runner/pull/244](https://togithub.com/step-security/harden-runner/pull/244)
**Full Changelog**: https://github.com/step-security/harden-runner/compare/v2...v2.2.1
Configuration
π Schedule: Branch creation - "before 3am on the first day of the month" (UTC), Automerge - At any time (no schedule defined).
π¦ Automerge: Disabled by config. Please merge this manually once you are satisfied.
β» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
π» Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.
[ ] If you want to rebase/retry this PR, check this box
This PR has been generated by Mend Renovate. View repository job log here.
This PR contains the following updates:
14.18.37
->14.18.43
v3.3.0
->v3.5.2
v2.2.5
->v2.3.2
v2.1.2
->v2.1.3
v2.2.0
->v2.3.1
Release Notes
actions/checkout
### [`v3.5.2`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v352) [Compare Source](https://togithub.com/actions/checkout/compare/v3.5.1...v3.5.2) - [Fix api endpoint for GHES](https://togithub.com/actions/checkout/pull/1289) ### [`v3.5.1`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v351) [Compare Source](https://togithub.com/actions/checkout/compare/v3.5.0...v3.5.1) - [Fix slow checkout on Windows](https://togithub.com/actions/checkout/pull/1246) ### [`v3.5.0`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v350) [Compare Source](https://togithub.com/actions/checkout/compare/v3.4.0...v3.5.0) - [Add new public key for known_hosts](https://togithub.com/actions/checkout/pull/1237) ### [`v3.4.0`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v340) [Compare Source](https://togithub.com/actions/checkout/compare/v3.3.0...v3.4.0) - [Upgrade codeql actions to v2](https://togithub.com/actions/checkout/pull/1209) - [Upgrade dependencies](https://togithub.com/actions/checkout/pull/1210) - [Upgrade @actions/io](https://togithub.com/actions/checkout/pull/1225)github/codeql-action
### [`v2.3.2`](https://togithub.com/github/codeql-action/compare/v2.3.1...v2.3.2) [Compare Source](https://togithub.com/github/codeql-action/compare/v2.3.1...v2.3.2) ### [`v2.3.1`](https://togithub.com/github/codeql-action/compare/v2.3.0...v2.3.1) [Compare Source](https://togithub.com/github/codeql-action/compare/v2.3.0...v2.3.1) ### [`v2.3.0`](https://togithub.com/github/codeql-action/compare/v2.2.12...v2.3.0) [Compare Source](https://togithub.com/github/codeql-action/compare/v2.2.12...v2.3.0) ### [`v2.2.12`](https://togithub.com/github/codeql-action/compare/v2.2.11...v2.2.12) [Compare Source](https://togithub.com/github/codeql-action/compare/v2.2.11...v2.2.12) ### [`v2.2.11`](https://togithub.com/github/codeql-action/compare/v2.2.10...v2.2.11) [Compare Source](https://togithub.com/github/codeql-action/compare/v2.2.10...v2.2.11) ### [`v2.2.10`](https://togithub.com/github/codeql-action/compare/v2.2.9...v2.2.10) [Compare Source](https://togithub.com/github/codeql-action/compare/v2.2.9...v2.2.10) ### [`v2.2.9`](https://togithub.com/github/codeql-action/compare/v2.2.8...v2.2.9) [Compare Source](https://togithub.com/github/codeql-action/compare/v2.2.8...v2.2.9) ### [`v2.2.8`](https://togithub.com/github/codeql-action/compare/v2.2.7...v2.2.8) [Compare Source](https://togithub.com/github/codeql-action/compare/v2.2.7...v2.2.8) ### [`v2.2.7`](https://togithub.com/github/codeql-action/compare/v2.2.6...v2.2.7) [Compare Source](https://togithub.com/github/codeql-action/compare/v2.2.6...v2.2.7) ### [`v2.2.6`](https://togithub.com/github/codeql-action/compare/v2.2.5...v2.2.6) [Compare Source](https://togithub.com/github/codeql-action/compare/v2.2.5...v2.2.6)ossf/scorecard-action
### [`v2.1.3`](https://togithub.com/ossf/scorecard-action/releases/tag/v2.1.3) [Compare Source](https://togithub.com/ossf/scorecard-action/compare/v2.1.2...v2.1.3) #### What's Changed - π± Bump github.com/ossf/scorecard/v4 from 4.10.2 to 4.10.5 by [@spencerschrock](https://togithub.com/spencerschrock) in [https://github.com/ossf/scorecard-action/pull/1111](https://togithub.com/ossf/scorecard-action/pull/1111) ##### Bug Fixes - Invalid SARIF files from a bug in scorecard - [#1076](https://togithub.com/ossf/scorecard-action/issues/1076), [#1094](https://togithub.com/ossf/scorecard-action/issues/1094) - Vulnerabilities check crashes if a vulnerable dependency is found via OSVScanner - [#1092](https://togithub.com/ossf/scorecard-action/issues/1092) - Scorecard action not reporting binary artifacts in the repo - [#1116](https://togithub.com/ossf/scorecard-action/issues/1116) **Full Scorecard Changelog**: https://github.com/ossf/scorecard/compare/v4.10.2...v4.10.5 **Full Changelog**: https://github.com/ossf/scorecard-action/compare/v2.1.2...v2.1.3step-security/harden-runner
### [`v2.3.1`](https://togithub.com/step-security/harden-runner/releases/tag/v2.3.1) [Compare Source](https://togithub.com/step-security/harden-runner/compare/v2.3.0...v2.3.1) ##### What's Changed - Release v2.3.1 by [@arjundashrath](https://togithub.com/arjundashrath) and [@varunsh-coder](https://togithub.com/varunsh-coder) in [https://github.com/step-security/harden-runner/pull/281](https://togithub.com/step-security/harden-runner/pull/281) Fixes [#279](https://togithub.com/step-security/harden-runner/issues/279) and [#275](https://togithub.com/step-security/harden-runner/issues/275) - Update README.md by [@varunsh-coder](https://togithub.com/varunsh-coder) in [https://github.com/step-security/harden-runner/pull/267](https://togithub.com/step-security/harden-runner/pull/267) - Bump step-security/harden-runner from 2.2.1 to 2.3.0 by [@dependabot](https://togithub.com/dependabot) in [https://github.com/step-security/harden-runner/pull/268](https://togithub.com/step-security/harden-runner/pull/268) - Bump codecov/codecov-action from 3.1.1 to 3.1.2 by [@dependabot](https://togithub.com/dependabot) in [https://github.com/step-security/harden-runner/pull/273](https://togithub.com/step-security/harden-runner/pull/273) - Bump ossf/scorecard-action from 2.1.2 to 2.1.3 by [@dependabot](https://togithub.com/dependabot) in [https://github.com/step-security/harden-runner/pull/265](https://togithub.com/step-security/harden-runner/pull/265) - Bump actions/checkout from 3.3.0 to 3.5.0 by [@dependabot](https://togithub.com/dependabot) in [https://github.com/step-security/harden-runner/pull/261](https://togithub.com/step-security/harden-runner/pull/261) - Bump github/codeql-action from 2.2.6 to 2.2.11 by [@dependabot](https://togithub.com/dependabot) in [https://github.com/step-security/harden-runner/pull/270](https://togithub.com/step-security/harden-runner/pull/270) **Full Changelog**: https://github.com/step-security/harden-runner/compare/v2...v2.3.1 ### [`v2.3.0`](https://togithub.com/step-security/harden-runner/releases/tag/v2.3.0) [Compare Source](https://togithub.com/step-security/harden-runner/compare/v2.2.1...v2.3.0) ##### What's Changed - Enable setting policy via insights website ([link to documentation](https://docs.stepsecurity.io/harden-runner/how-tos/block-egress-traffic#2-add-the-policy-using-the-policy-store)) by [@h0x0er](https://togithub.com/h0x0er) and [@varunsh-coder](https://togithub.com/varunsh-coder) in [https://github.com/step-security/harden-runner/pull/266](https://togithub.com/step-security/harden-runner/pull/266) The Policy Store helps you manage Harden Runner policies without altering your workflow files. - Update README.md by [@varunsh-coder](https://togithub.com/varunsh-coder) in [https://github.com/step-security/harden-runner/pull/255](https://togithub.com/step-security/harden-runner/pull/255) - Bump github/codeql-action from 2.2.4 to 2.2.6 by [@dependabot](https://togithub.com/dependabot) in [https://github.com/step-security/harden-runner/pull/254](https://togithub.com/step-security/harden-runner/pull/254) - Bump step-security/harden-runner from 2.2.0 to 2.2.1 by [@dependabot](https://togithub.com/dependabot) in [https://github.com/step-security/harden-runner/pull/256](https://togithub.com/step-security/harden-runner/pull/256) **Full Changelog**: https://github.com/step-security/harden-runner/compare/v2...v2.3.0 ### [`v2.2.1`](https://togithub.com/step-security/harden-runner/releases/tag/v2.2.1) [Compare Source](https://togithub.com/step-security/harden-runner/compare/v2.2.0...v2.2.1) #### What's Changed - Fix issue to get cache endpoint by [@h0x0er](https://togithub.com/h0x0er) in [https://github.com/step-security/harden-runner/pull/253](https://togithub.com/step-security/harden-runner/pull/253) Harden runner has the ability to automatically detect the cache endpoint used by each job. When Harden runner is used in block mode, this endpoint is added to the list of allowed endpoints. A fix has been implemented to improve this feature by updating the logic used to fetch the cache endpoint. This update involves using code from the actions/cache library to ensure the endpoint is properly retrieved. - Update README.md by [@varunsh-coder](https://togithub.com/varunsh-coder) in [https://github.com/step-security/harden-runner/pull/247](https://togithub.com/step-security/harden-runner/pull/247) - Bump step-security/harden-runner from 2.1.0 to 2.2.0 by [@dependabot](https://togithub.com/dependabot) in [https://github.com/step-security/harden-runner/pull/248](https://togithub.com/step-security/harden-runner/pull/248) - Bump github/codeql-action from 2.1.38 to 2.2.4 by [@dependabot](https://togithub.com/dependabot) in [https://github.com/step-security/harden-runner/pull/244](https://togithub.com/step-security/harden-runner/pull/244) **Full Changelog**: https://github.com/step-security/harden-runner/compare/v2...v2.2.1Configuration
π Schedule: Branch creation - "before 3am on the first day of the month" (UTC), Automerge - At any time (no schedule defined).
π¦ Automerge: Disabled by config. Please merge this manually once you are satisfied.
β» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
π» Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.
This PR has been generated by Mend Renovate. View repository job log here.