Code Review / it / dep.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | patch | inline | side by side (parent: 357fbb2)
Chore: Bump step-security/harden-runner from 2.14.1 to 2.14.2 83/15483/1
authordependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Mon, 9 Feb 2026 23:09:40 +0000 (23:09 +0000)
committeroran.gh2gerrit <releng+oran-gh2gerrit@linuxfoundation.org>
Mon, 9 Feb 2026 23:09:41 +0000 (23:09 +0000)
Bumps step-security/harden-runner from 2.14.1 to 2.14.2.
## Release notes

Sourced from step-security/harden-runner's releases.

v2.14.2
What's Changed
Security fix: Fixed a medium severity vulnerability where outbound network connections using sendto, sendmsg, and sendmmsg socket system calls could bypass audit logging when using egress-policy: audit. This issue only affects the Community Tier in audit mode; block mode and Enterprise Tier were not affected. See GHSA-cpmj-h4f6-r6pq for details.
Full Changelog: https://github.com/step-security/harden-runner/compare/v2.14.1...v2.14.2

## Commits

5ef0c07 Merge pull request #635 from step-security/rc-34
eb43c7b update agent
See full diff in compare view

![Dependabot compatibility score](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Issue-ID: CIMAN-33
Signed-off-by: dependabot[bot] <support@github.com>
Change-Id: Ib565b2e6b40e5d95366215c6a97b5b4aae6fdabd
GitHub-PR: https://github.com/o-ran-sc/it-dep/pull/33
GitHub-Hash: e5c73ab07ee472a8
Signed-off-by: oran.gh2gerrit <releng+oran-gh2gerrit@linuxfoundation.org>
.github/workflows/gerrit-merge-itdep.yaml patch | blob | history
.github/workflows/gerrit-merge-release-itdep.yaml patch | blob | history
.github/workflows/gerrit-verify-itdep.yaml patch | blob | history
.github/workflows/github2gerrit.yaml patch | blob | history

diff --git a/.github/workflows/gerrit-merge-itdep.yaml b/.github/workflows/gerrit-merge-itdep.yaml
index 8c7f22a..0ccef15 100644 (file)
--- a/.github/workflows/gerrit-merge-itdep.yaml
+++ b/.github/workflows/gerrit-merge-itdep.yaml
@@ -92,7 +92,7 @@ jobs:
     timeout-minutes: 20
     steps:
       # yamllint disable-line rule:line-length
-      - uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9  # v2.14.1
+      - uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e  # v2.14.2
         with:
           egress-policy: audit
 
diff --git a/.github/workflows/gerrit-merge-release-itdep.yaml b/.github/workflows/gerrit-merge-release-itdep.yaml
index 2dbd5d3..dda3fb5 100644 (file)
--- a/.github/workflows/gerrit-merge-release-itdep.yaml
+++ b/.github/workflows/gerrit-merge-release-itdep.yaml
@@ -38,7 +38,7 @@ jobs:
     timeout-minutes: 5
     steps:
       # yamllint disable-line rule:line-length
-      - uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9  # v2.14.1
+      - uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e  # v2.14.2
         with:
           egress-policy: audit
 
@@ -68,7 +68,7 @@ jobs:
     steps:
       # Harden the runner used by this workflow
       # yamllint disable-line rule:line-length
-      - uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9  # v2.14.1
+      - uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e  # v2.14.2
         with:
           egress-policy: 'audit'
 
@@ -110,7 +110,7 @@ jobs:
     timeout-minutes: 20
     steps:
       # yamllint disable-line rule:line-length
-      - uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9  # v2.14.1
+      - uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e  # v2.14.2
         with:
           egress-policy: audit
 
diff --git a/.github/workflows/gerrit-verify-itdep.yaml b/.github/workflows/gerrit-verify-itdep.yaml
index 137fa2b..fb542c6 100644 (file)
--- a/.github/workflows/gerrit-verify-itdep.yaml
+++ b/.github/workflows/gerrit-verify-itdep.yaml
@@ -104,7 +104,7 @@ jobs:
     timeout-minutes: 15
     steps:
       # yamllint disable-line rule:line-length
-      - uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9  # v2.14.1
+      - uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e  # v2.14.2
         with:
           egress-policy: audit
 
diff --git a/.github/workflows/github2gerrit.yaml b/.github/workflows/github2gerrit.yaml
index fe1ad67..2b4f0c7 100644 (file)
--- a/.github/workflows/github2gerrit.yaml
+++ b/.github/workflows/github2gerrit.yaml
@@ -41,7 +41,7 @@ jobs:
     steps:
       # Harden the runner used by this workflow
       # yamllint disable-line rule:line-length
-      - uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9  # v2.14.1
+      - uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e  # v2.14.2
         name: 'Harden runner'
         with:
           egress-policy: audit
Repo for integration and deployment related scripts, Helm charts, etc.