ci(github-action): update step-security/harden-runner ( v2.10.1 → v2.10.2 )

tyriis-automation[bot] commented 1 week ago

This PR contains the following updates:

Package	Type	Update	Change	OpenSSF
step-security/harden-runner	action	patch	`v2.10.1` -> `v2.10.2`

Release Notes

step-security/harden-runner (step-security/harden-runner)

### [`v2.10.2`](https://redirect.github.com/step-security/harden-runner/releases/tag/v2.10.2) [Compare Source](https://redirect.github.com/step-security/harden-runner/compare/v2.10.1...v2.10.2) ##### What's Changed 1. Fixes low-severity command injection weaknesses The advisory is here: https://github.com/step-security/harden-runner/security/advisories/GHSA-g85v-wf27-67xc 2. Bug fix to improve detection of whether Harden-Runner is running in a container **Full Changelog**: https://github.com/step-security/harden-runner/compare/v2...v2.10.2

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

[ ] If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

sonarcloud[bot] commented 1 week ago

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

tyriis-automation[bot] commented 1 week ago

🦙 MegaLinter status: ✅ SUCCESS

Descriptor	Linter	Files	Fixed	Errors	Elapsed time
✅ REPOSITORY	gitleaks	yes		no	3.32s

See detailed report in MegaLinter reports _Set VALIDATE_ALL_CODEBASE: true in mega-linter.yml to validate all sources, not only the diff_

MegaLinter is graciously provided by OX Security

tyriis / home-ops