Skip to content

chore(deps): update step-security/harden-runner action to v2.13.2 #895

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

chore(deps): update step-security/harden-runner action to v2.13.2 #895

wants to merge 1 commit into from

Conversation

@renovate
Copy link
Contributor

@renovate renovate bot commented Jun 11, 2025
edited
Loading

This PR contains the following updates:

Package Type Update Change
step-security/harden-runner action minor v2.12.0 -> v2.13.2

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

Release Notes

step-security/harden-runner (step-security/harden-runner)

v2.13.2

Compare Source

What's Changed
  • Fixed an issue where there was a limit of 512 allowed endpoints when using block egress policy. This restriction has been removed, allowing for an unlimited number of endpoints to be configured.
  • Harden Runner now automatically detects if the agent is already pre-installed on a custom VM image used by a GitHub-hosted runner. When detected, the action will skip reinstallation and use the existing agent.

Full Changelog: step-security/harden-runner@v2.13.1...v2.13.2

v2.13.1

Compare Source

What's Changed

  • Graceful handling of HTTP errors: Improved error handling when fetching Harden Runner policies from the StepSecurity Policy Store API, ensuring more reliable execution even in case of temporary network/API issues.

  • Security updates for npm dependencies: Updated vulnerable npm package dependencies to the latest secure versions.

  • Faster enterprise agent downloads: The enterprise agent is now downloaded from GitHub Releases instead of packages.stepsecurity.io, improving download speed and reliability.

Full Changelog: step-security/harden-runner@v2.13.0...v2.13.1

v2.13.0

Compare Source

What's Changed

  • Improved job markdown summary
  • Https monitoring for all domains (included with the enterprise tier)

Full Changelog: step-security/harden-runner@v2...v2.13.0

v2.12.2

Compare Source

What's Changed

Added HTTPS Monitoring for additional destinations - *.githubusercontent.com
Bug fixes:

  • Implicitly allow local multicast, local unicast and broadcast IP addresses in block mode
  • Increased policy map size for block mode

Full Changelog: step-security/harden-runner@v2...v2.12.2

v2.12.1

Compare Source

What's Changed
  • Detection capabilities have been upgraded to better recognize attempts at runner tampering. These improvements are informed by real-world incident learnings, including analysis of anomalous behaviors observed in the tj-actions and reviewdog supply chain attack.
  • Resolved an issue where the block policy was not enforced correctly when the GitHub Actions job was running inside a container on a self-hosted VM runner.

Full Changelog: step-security/harden-runner@v2...v2.12.1

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot requested review from leonseng and shsingh as code owners June 11, 2025 19:26
@renovate renovate bot enabled auto-merge (squash) June 11, 2025 19:26
@renovate renovate bot force-pushed the renovate/step-security-harden-runner-2.x branch from 7e115cd to 5f0fc0b Compare June 30, 2025 10:43
@renovate renovate bot changed the title chore(deps): update step-security/harden-runner action to v2.12.1 chore(deps): update step-security/harden-runner action to v2.12.2 Jun 30, 2025
@github-actions github-actions bot added bug Something isn't working enhancement New feature or request labels Jun 30, 2025
@renovate renovate bot force-pushed the renovate/step-security-harden-runner-2.x branch from 5f0fc0b to 9762b05 Compare July 15, 2025 20:28
@renovate renovate bot changed the title chore(deps): update step-security/harden-runner action to v2.12.2 chore(deps): update step-security/harden-runner action to v2.13.0 Jul 15, 2025
@renovate renovate bot force-pushed the renovate/step-security-harden-runner-2.x branch from 9762b05 to 397d38b Compare September 9, 2025 21:37
@renovate renovate bot changed the title chore(deps): update step-security/harden-runner action to v2.13.0 chore(deps): update step-security/harden-runner action to v2.13.1 Sep 9, 2025
@renovate renovate bot force-pushed the renovate/step-security-harden-runner-2.x branch from 397d38b to 63b7b06 Compare November 5, 2025 10:10
@renovate renovate bot changed the title chore(deps): update step-security/harden-runner action to v2.13.1 chore(deps): update step-security/harden-runner action to v2.13.2 Nov 5, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@shsingh shsingh Awaiting requested review from shsingh shsingh is a code owner

@leonseng leonseng Awaiting requested review from leonseng leonseng is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

bug Something isn't working dependencies enhancement New feature or request

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant