File tree 4 files changed +37
-12
lines changed 4 files changed +37
-12
lines changed Original file line number Diff line number Diff line change @@ -17,14 +17,19 @@ jobs:
1717 - " v28.0.1" # 2025-02 --> EOL ?
1818 fail-fast : false
1919 steps :
20- - uses : actions/checkout@v4
20+ - name : Harden the runner (Audit all outbound calls)
21+ uses : step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
22+ with :
23+ egress-policy : audit
24+
25+ - uses : actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
2126 - name : Set up JDK
22- uses : actions/setup-java@v4
27+ uses : actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # v4.7.0
2328 with :
2429 java-version : 17
2530 distribution : temurin
2631 - name : Set up Docker
27- uses : docker/setup-docker-action@v4
32+ uses : docker/setup-docker-action@b60f85385d03ac8acfca6d9996982511d8620a19 # v4.3.0
2833 with :
2934 version : ${{ matrix.docker-version }}
3035 - name : Build with Gradle
Original file line number Diff line number Diff line change @@ -20,11 +20,16 @@ jobs:
2020 GITHUB_TOKEN : " ${{ secrets.GITHUB_TOKEN }}"
2121 PRERELEASE : " ${{ github.event.inputs.prerelease }}"
2222 steps :
23- - uses : actions/checkout@v4
23+ - name : Harden the runner (Audit all outbound calls)
24+ uses : step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
25+ with :
26+ egress-policy : audit
27+
28+ - uses : actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
2429 with :
2530 fetch-depth : 0
2631 - name : Set up JDK
27- uses : actions/setup-java@v4
32+ uses : actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # v4.7.0
2833 with :
2934 java-version : 17
3035 distribution : temurin
Original file line number Diff line number Diff line change @@ -19,14 +19,19 @@ jobs:
1919 - " v28.0.1" # 2025-02 --> EOL ?
2020 fail-fast : false
2121 steps :
22- - uses : actions/checkout@v4
22+ - name : Harden the runner (Audit all outbound calls)
23+ uses : step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
24+ with :
25+ egress-policy : audit
26+
27+ - uses : actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
2328 - name : Set up JDK
24- uses : actions/setup-java@v4
29+ uses : actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # v4.7.0
2530 with :
2631 java-version : 17
2732 distribution : temurin
2833 - name : Set up Docker
29- uses : docker/setup-docker-action@v4
34+ uses : docker/setup-docker-action@b60f85385d03ac8acfca6d9996982511d8620a19 # v4.3.0
3035 with :
3136 version : ${{ matrix.docker-version }}
3237 - name : Build with Gradle
@@ -38,11 +43,16 @@ jobs:
3843 GITHUB_USER : " gocd-contrib"
3944 GITHUB_TOKEN : " ${{ secrets.GITHUB_TOKEN }}"
4045 steps :
41- - uses : actions/checkout@v4
46+ - name : Harden the runner (Audit all outbound calls)
47+ uses : step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
48+ with :
49+ egress-policy : audit
50+
51+ - uses : actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
4252 with :
4353 fetch-depth : 0
4454 - name : Set up JDK
45- uses : actions/setup-java@v4
55+ uses : actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # v4.7.0
4656 with :
4757 java-version : 17
4858 distribution : temurin
Original file line number Diff line number Diff line change 1010 runs-on : ubuntu-latest
1111
1212 steps :
13- - uses : actions/checkout@v4
13+ - name : Harden the runner (Audit all outbound calls)
14+ uses : step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
15+ with :
16+ egress-policy : audit
17+
18+ - uses : actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
1419
1520 - name : Update Gradle Wrapper
16- uses : gradle-update/update-gradle-wrapper-action@v2
21+ uses : gradle-update/update-gradle-wrapper-action@512b1875f3b6270828abfe77b247d5895a2da1e5 # v2.1.0
1722 with :
1823 labels : dependencies
You can’t perform that action at this time.
0 commit comments