From bca2fd108ec9e2613e9de55a0b535fedf0812849 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 13 Jul 2026 14:52:45 +0000 Subject: [PATCH] chore(deps): bump the dependencies group with 2 updates Bumps the dependencies group with 2 updates: [step-security/harden-runner](https://github.com/step-security/harden-runner) and [github-community-projects/contributors](https://github.com/github-community-projects/contributors). Updates `step-security/harden-runner` from 2.19.4 to 2.20.0 - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](https://github.com/step-security/harden-runner/compare/9af89fc71515a100421586dfdb3dc9c984fbf411...bf7454d06d71f1098171f2acdf0cd4708d7b5920) Updates `github-community-projects/contributors` from 2.0.17 to 2.0.18 - [Release notes](https://github.com/github-community-projects/contributors/releases) - [Commits](https://github.com/github-community-projects/contributors/compare/b518e14609eadf468470392201312777172b5dec...7e077779e5e7bf810cc722e15b38ee63f86b880e) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-version: 2.20.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: github-community-projects/contributors dependency-version: 2.0.18 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies ... Signed-off-by: dependabot[bot] --- .github/workflows/ci.yml | 2 +- .github/workflows/contributors.yml | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 6309907..1bc5b75 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -18,7 +18,7 @@ jobs: permissions: contents: read # Clone the repository steps: - - uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4 + - uses: step-security/harden-runner@bf7454d06d71f1098171f2acdf0cd4708d7b5920 # v2.20.0 with: egress-policy: audit - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 diff --git a/.github/workflows/contributors.yml b/.github/workflows/contributors.yml index 383387e..55373d9 100644 --- a/.github/workflows/contributors.yml +++ b/.github/workflows/contributors.yml @@ -14,7 +14,7 @@ jobs: discussions: write # Create the monthly thank-you discussion via abirismyname/create-discussion steps: - - uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4 + - uses: step-security/harden-runner@bf7454d06d71f1098171f2acdf0cd4708d7b5920 # v2.20.0 with: egress-policy: audit @@ -32,7 +32,7 @@ jobs: echo "END_DATE=$end_date" >> "$GITHUB_ENV" - name: Run contributor action - uses: github-community-projects/contributors@b518e14609eadf468470392201312777172b5dec # v2.0.17 + uses: github-community-projects/contributors@7e077779e5e7bf810cc722e15b38ee63f86b880e # v2.0.18 env: GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} START_DATE: ${{ env.START_DATE }}