- Feature to disable sudo: Use `disable-sudo: true` to run job steps without sudo access on the GitHub-hosted runner. `disable-sudo` is false by default and needs to be opted into. (documentation)
- File monitoring improvements: All source code files are now monitored for overwrite, instead of a few extensions. Instead of getting annotations for overwrites, you can also opt in to getting email or Slack notifications if source code is overwritten. (documentation)
- Support for private repositories: Starting with Harden Runner v2.0.0, use of Harden Runner for private repositories will require a Team/Enterprise license. The Harden Runner GitHub Action is free for all public repositories.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Bumps step-security/harden-runner from 1.4.5 to 2.0.0.
Release notes
Sourced from step-security/harden-runner's releases.
Commits
- ebacdc2 Merge pull request #209 from step-security/release-v2.0.0
- f28b626 Update README (#208)
- 620cac5 Update version
- 118e400 Changes for v2.0.0 (#207)
- 3888ae1 Merge pull request #204 from step-security/dependabot/github_actions/github/c...
- 1e3c2df Bump github/codeql-action from 2.1.28 to 2.1.29
- 5e53a69 Merge pull request #203 from step-security/dependabot/github_actions/actions/...
- 33d7981 Bump actions/upload-artifact from 3.1.0 to 3.1.1
- 5565dcd Merge pull request #201 from step-security/dependabot/github_actions/github/c...
- d5b1e9d Merge pull request #202 from step-security/dependabot/github_actions/ossf/sco...