step-security/harden-runner (step-security/harden-runner)
### [`v2.8.0`](https://togithub.com/step-security/harden-runner/releases/tag/v2.8.0)
[Compare Source](https://togithub.com/step-security/harden-runner/compare/v2.7.1...v2.8.0)
#### What's Changed
Release v2.8.0 by [@h0x0er](https://togithub.com/h0x0er) and [@varunsh-coder](https://togithub.com/varunsh-coder) in [https://github.com/step-security/harden-runner/pull/416](https://togithub.com/step-security/harden-runner/pull/416)
This release includes:
- File Monitoring Enhancements: Adds the capability to view the name and path of every file written during the build process.
- Process Tracking Enhancements: Adds the capability to view process names and arguments of processes run during the build process.
These enhancements are based on insights from the XZ Utils incident, aimed at improving observability and detections during the build process.
**Full Changelog**: https://github.com/step-security/harden-runner/compare/v2...v2.8.0
### [`v2.7.1`](https://togithub.com/step-security/harden-runner/releases/tag/v2.7.1)
[Compare Source](https://togithub.com/step-security/harden-runner/compare/v2.7.0...v2.7.1)
##### What's Changed
Release v2.7.1 by [@varunsh-coder](https://togithub.com/varunsh-coder), [@h0x0er](https://togithub.com/h0x0er), [@ashishkurmi](https://togithub.com/ashishkurmi) in [https://github.com/step-security/harden-runner/pull/397](https://togithub.com/step-security/harden-runner/pull/397)
This release:
- Improves the capability to [inspect outbound HTTPS traffic](https://www.stepsecurity.io/blog/monitor-outbound-https-requests-from-github-actions-runners) on GitHub-hosted and self-hosted VM runners
- Updates README to add link to [case study video](https://www.youtube.com/watch?v=Yz72qAOrN9s) on how Harden-Runner detected a supply chain attack on a Google open-source project
- Addresses minor bugs
**Full Changelog**: https://github.com/step-security/harden-runner/compare/v2.7.0...v2.7.1
### [`v2.7.0`](https://togithub.com/step-security/harden-runner/releases/tag/v2.7.0)
[Compare Source](https://togithub.com/step-security/harden-runner/compare/v2.6.1...v2.7.0)
##### What's Changed
Release 2.7.0 by [@varunsh-coder](https://togithub.com/varunsh-coder) and [@h0x0er](https://togithub.com/h0x0er) in [https://github.com/step-security/harden-runner/pull/376](https://togithub.com/step-security/harden-runner/pull/376)
This release:
1. Updates the node runtime to node20
2. Adds capability to inspect outbound HTTPS traffic on GitHub-hosted and self-hosted VM runners
**Full Changelog**: https://github.com/step-security/harden-runner/compare/v2...v2.7.0
Configuration
š Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
š¦ Automerge: Disabled by config. Please merge this manually once you are satisfied.
ā» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
š Ignore: Close this PR and you won't be reminded about this update again.
[ ] If you want to rebase/retry this PR, check this box
This PR has been generated by Mend Renovate. View repository job log here.
This PR contains the following updates:
v2.6.1->v2.8.0Release Notes
step-security/harden-runner (step-security/harden-runner)
### [`v2.8.0`](https://togithub.com/step-security/harden-runner/releases/tag/v2.8.0) [Compare Source](https://togithub.com/step-security/harden-runner/compare/v2.7.1...v2.8.0) #### What's Changed Release v2.8.0 by [@h0x0er](https://togithub.com/h0x0er) and [@varunsh-coder](https://togithub.com/varunsh-coder) in [https://github.com/step-security/harden-runner/pull/416](https://togithub.com/step-security/harden-runner/pull/416) This release includes: - File Monitoring Enhancements: Adds the capability to view the name and path of every file written during the build process. - Process Tracking Enhancements: Adds the capability to view process names and arguments of processes run during the build process. These enhancements are based on insights from the XZ Utils incident, aimed at improving observability and detections during the build process. **Full Changelog**: https://github.com/step-security/harden-runner/compare/v2...v2.8.0 ### [`v2.7.1`](https://togithub.com/step-security/harden-runner/releases/tag/v2.7.1) [Compare Source](https://togithub.com/step-security/harden-runner/compare/v2.7.0...v2.7.1) ##### What's Changed Release v2.7.1 by [@varunsh-coder](https://togithub.com/varunsh-coder), [@h0x0er](https://togithub.com/h0x0er), [@ashishkurmi](https://togithub.com/ashishkurmi) in [https://github.com/step-security/harden-runner/pull/397](https://togithub.com/step-security/harden-runner/pull/397) This release: - Improves the capability to [inspect outbound HTTPS traffic](https://www.stepsecurity.io/blog/monitor-outbound-https-requests-from-github-actions-runners) on GitHub-hosted and self-hosted VM runners - Updates README to add link to [case study video](https://www.youtube.com/watch?v=Yz72qAOrN9s) on how Harden-Runner detected a supply chain attack on a Google open-source project - Addresses minor bugs **Full Changelog**: https://github.com/step-security/harden-runner/compare/v2.7.0...v2.7.1 ### [`v2.7.0`](https://togithub.com/step-security/harden-runner/releases/tag/v2.7.0) [Compare Source](https://togithub.com/step-security/harden-runner/compare/v2.6.1...v2.7.0) ##### What's Changed Release 2.7.0 by [@varunsh-coder](https://togithub.com/varunsh-coder) and [@h0x0er](https://togithub.com/h0x0er) in [https://github.com/step-security/harden-runner/pull/376](https://togithub.com/step-security/harden-runner/pull/376) This release: 1. Updates the node runtime to node20 2. Adds capability to inspect outbound HTTPS traffic on GitHub-hosted and self-hosted VM runners **Full Changelog**: https://github.com/step-security/harden-runner/compare/v2...v2.7.0Configuration
š Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
š¦ Automerge: Disabled by config. Please merge this manually once you are satisfied.
ā» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
š Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.