step-security/harden-runner update [no ci]

Samsung · Feb 5, 2025 · 620c14b · 620c14b
1 parent 03df0a5
commit 620c14b
Show file tree

Hide file tree

Showing 8 changed files with 16 additions and 32 deletions.
diff --git a/.github/workflows/action.yml b/.github/workflows/action.yml
@@ -15,7 +15,7 @@ jobs:
     steps:
 
       - name: Harden Runner
-        uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
+        uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4 - 2025.01.20
         with:
           egress-policy: audit
 

diff --git a/.github/workflows/benchmark.yml b/.github/workflows/benchmark.yml
@@ -23,7 +23,7 @@ jobs:
     steps:
 
       - name: Harden Runner
-        uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
+        uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4 - 2025.01.20
         with:
           egress-policy: audit
 
@@ -79,7 +79,7 @@ jobs:
     steps:
 
       - name: Harden Runner
-        uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
+        uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4 - 2025.01.20
         with:
           egress-policy: audit
 
@@ -182,7 +182,7 @@ jobs:
     steps:
 
       - name: Harden Runner
-        uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
+        uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4 - 2025.01.20
         with:
           egress-policy: audit
 
@@ -370,7 +370,7 @@ jobs:
     steps:
 
       - name: Harden Runner
-        uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
+        uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4 - 2025.01.20
         with:
           egress-policy: audit
 
@@ -461,7 +461,7 @@ jobs:
     if: ${{ 'push' == github.event_name }} or ${{ 'Samsung/CredSweeper' == github.event.pull_request.head.repo.full_name }}
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
+        uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4 - 2025.01.20
         with:
           egress-policy: audit
 

diff --git a/.github/workflows/check.yml b/.github/workflows/check.yml
@@ -22,7 +22,7 @@ jobs:
       # # # MUST be full history to check git workflow
 
       - name: Harden Runner
-        uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
+        uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4 - 2025.01.20
         with:
           egress-policy: audit
 

diff --git a/.github/workflows/fuzz.yml b/.github/workflows/fuzz.yml
@@ -22,7 +22,7 @@ jobs:
     steps:
 
       - name: Harden Runner
-        uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
+        uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4 - 2025.01.20
         with:
           egress-policy: audit
 

diff --git a/.github/workflows/pypi.yml b/.github/workflows/pypi.yml
@@ -19,7 +19,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
+        uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4 - 2025.01.20
         with:
           egress-policy: audit
 

diff --git a/.github/workflows/rottenness.yml b/.github/workflows/rottenness.yml
@@ -24,7 +24,7 @@ jobs:
     steps:
 
       - name: Harden Runner
-        uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
+        uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4 - 2025.01.20
         with:
           egress-policy: audit
 

diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -30,7 +30,7 @@ jobs:
     steps:
 
       - name: Harden Runner
-        uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
+        uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4 - 2025.01.20
         with:
           egress-policy: audit
 
@@ -94,7 +94,7 @@ jobs:
     steps:
 
       - name: Harden Runner
-        uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
+        uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4 - 2025.01.20
         with:
           egress-policy: audit
 
@@ -167,7 +167,7 @@ jobs:
 
       - name: Upload coverage reports to Codecov
         if: ${{ matrix.python-version == '3.10' }}
-        uses: codecov/codecov-action@ab904c41d6ece82784817410c45d8b8c02684457 # v3.1.6
+        uses: codecov/codecov-action@13ce06bfc6bbe3ecf90edbbf1bc32fe5978ca1d3 # v5.3.1 - 2025.01.24
         with:
           token: ${{ secrets.CODECOV_TOKEN }}
           files: xmlcov/coverage.xml
diff --git a/action.yml b/action.yml
@@ -4,27 +4,11 @@ author: "[email protected]"
 branding:
   icon: "terminal"
   color: "gray-dark"
+runs:
+  using: "docker"
+  image: "Dockerfile"
 inputs:
-  python_version:
-    description: "Python Version. 3.10 - default"
-    default: "3.10"
   args:
     description: "Arguments passed to credsweeper"
     default: "--path . --save-json"
     required: true
-runs:
-  using: "composite"
-  steps:
-    - id: setup-python
-      name: Setup Python
-      uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38 # v5.4.0 - 2025.01.28
-      with:
-        python-version: ${{ inputs.python_version }}
-    - id: credsweeper-run
-      name: CredSweeper run
-      shell: bash
-      run: python -m credsweeper ${{ inputs.args }}
-    - id: check-output
-      name: Check output
-      shell: bash
-      run: python -c "import json; import sys; sys.exit(0 if json.load(open('output.json')) else 0)"