Code Review / it / dep.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | patch | inline | side by side (parent: 0bb01bb)
Chore: Bump step-security/harden-runner from 2.14.0 to 2.14.1 72/15472/1
authordependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Mon, 26 Jan 2026 21:41:24 +0000 (21:41 +0000)
committeroran.gh2gerrit <releng+oran-gh2gerrit@linuxfoundation.org>
Mon, 26 Jan 2026 21:41:25 +0000 (21:41 +0000)
Bumps step-security/harden-runner from 2.14.0 to 2.14.1.
## Release notes

Sourced from step-security/harden-runner's releases.

v2.14.1
What's Changed

In some self-hosted environments, the agent could briefly fall back to public DNS resolvers during startup if the system DNS was not yet available. This behavior was unintended for GitHub-hosted runners and has now been fixed to prevent any use of public DNS resolvers.

Fixed npm audit vulnerabilities

Full Changelog: https://github.com/step-security/harden-runner/compare/v2.14.0...v2.14.1

## Commits

e3f713f Merge pull request #631 from step-security/rc-31
423acdd chore: fix npm audit vulnerabilities
0ddb86c update agent
See full diff in compare view

![Dependabot compatibility score](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Issue-ID: CIMAN-33
Signed-off-by: dependabot[bot] <support@github.com>
Change-Id: I5809958ff96c48d3e912528033307cb6fe231c57
GitHub-PR: https://github.com/o-ran-sc/it-dep/pull/30
GitHub-Hash: 83393f7afeb5a61f
Signed-off-by: oran.gh2gerrit <releng+oran-gh2gerrit@linuxfoundation.org>
.github/workflows/gerrit-merge-itdep.yaml patch | blob | history
.github/workflows/gerrit-merge-release-itdep.yaml patch | blob | history
.github/workflows/gerrit-verify-itdep.yaml patch | blob | history
.github/workflows/github2gerrit.yaml patch | blob | history

diff --git a/.github/workflows/gerrit-merge-itdep.yaml b/.github/workflows/gerrit-merge-itdep.yaml
index 5ee1aad..8c7f22a 100644 (file)
--- a/.github/workflows/gerrit-merge-itdep.yaml
+++ b/.github/workflows/gerrit-merge-itdep.yaml
@@ -92,7 +92,7 @@ jobs:
     timeout-minutes: 20
     steps:
       # yamllint disable-line rule:line-length
-      - uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76  # v2.14.0
+      - uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9  # v2.14.1
         with:
           egress-policy: audit
 
diff --git a/.github/workflows/gerrit-merge-release-itdep.yaml b/.github/workflows/gerrit-merge-release-itdep.yaml
index c422de5..510e1c9 100644 (file)
--- a/.github/workflows/gerrit-merge-release-itdep.yaml
+++ b/.github/workflows/gerrit-merge-release-itdep.yaml
@@ -38,7 +38,7 @@ jobs:
     timeout-minutes: 5
     steps:
       # yamllint disable-line rule:line-length
-      - uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76  # v2.14.0
+      - uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9  # v2.14.1
         with:
           egress-policy: audit
 
@@ -68,7 +68,7 @@ jobs:
     steps:
       # Harden the runner used by this workflow
       # yamllint disable-line rule:line-length
-      - uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76  # v2.14.0
+      - uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9  # v2.14.1
         with:
           egress-policy: 'audit'
 
@@ -110,7 +110,7 @@ jobs:
     timeout-minutes: 20
     steps:
       # yamllint disable-line rule:line-length
-      - uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76  # v2.14.0
+      - uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9  # v2.14.1
         with:
           egress-policy: audit
 
diff --git a/.github/workflows/gerrit-verify-itdep.yaml b/.github/workflows/gerrit-verify-itdep.yaml
index a4ee79d..137fa2b 100644 (file)
--- a/.github/workflows/gerrit-verify-itdep.yaml
+++ b/.github/workflows/gerrit-verify-itdep.yaml
@@ -104,7 +104,7 @@ jobs:
     timeout-minutes: 15
     steps:
       # yamllint disable-line rule:line-length
-      - uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76  # v2.14.0
+      - uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9  # v2.14.1
         with:
           egress-policy: audit
 
diff --git a/.github/workflows/github2gerrit.yaml b/.github/workflows/github2gerrit.yaml
index cf40ec2..6b16311 100644 (file)
--- a/.github/workflows/github2gerrit.yaml
+++ b/.github/workflows/github2gerrit.yaml
@@ -41,7 +41,7 @@ jobs:
     steps:
       # Harden the runner used by this workflow
       # yamllint disable-line rule:line-length
-      - uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76  # v2.14.0
+      - uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9  # v2.14.1
         name: 'Harden runner'
         with:
           egress-policy: audit
Repo for integration and deployment related scripts, Helm charts, etc.