{"id":25099,"name":"step-security/harden-runner","ecosystem":"docker","repository_url":null,"issues_count":8,"created_at":"2025-06-07T04:13:53.073Z","updated_at":"2025-06-07T04:13:53.073Z","purl":"pkg:docker/step-security/harden-runner","unique_repositories_count":2,"unique_repositories_count_past_30_days":1,"recent_issues":[{"uuid":"4329387090","node_id":"PR_kwDOI2oX4M7Vpt8k","number":6228,"state":"open","title":"build(deps): bump step-security/harden-runner from 2.15.1 to 2.19.0","user":"dependabot[bot]","labels":["dependencies","Docker","Security","API","Test","Github","size:XS","github_actions","Devtools","build"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-04-25T22:23:01.000Z","updated_at":"2026-04-30T21:54:20.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps)","packages":[{"name":"step-security/harden-runner","old_version":"2.15.1","new_version":"2.19.0","repository_url":"https://github.com/step-security/harden-runner"}],"path":null,"ecosystem":"docker"},"body":"Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.15.1 to 2.19.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/step-security/harden-runner/releases\"\u003estep-security/harden-runner's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.19.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eNew Runner Support\u003c/h3\u003e\n\u003cp\u003eHarden-Runner now supports Depot, Blacksmith, Namespace, and WarpBuild runners with the same egress monitoring, runtime monitoring, and policy enforcement available on GitHub-hosted runners.\u003c/p\u003e\n\u003ch3\u003eAutomated Incident Response for Supply Chain 
Attacks\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eGlobal block list: Outbound connections to known malicious domains and IPs are now blocked even in audit mode.\u003c/li\u003e\n\u003cli\u003eSystem-defined detection rules: Harden-Runner will trigger lockdown mode when a high risk event is detected during an active supply chain attack (for example, a process reading the memory of the runner worker process, a common technique for stealing GitHub Actions secrets).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cp\u003eWindows and macOS: stability and reliability fixes\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/step-security/harden-runner/compare/v2.18.0...v2.19.0\"\u003ehttps://github.com/step-security/harden-runner/compare/v2.18.0...v2.19.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.18.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eGlobal Block List: During supply chain incidents like the recent axios and trivy compromises, StepSecurity will add known malicious domains and IP addresses (IOCs) to a global block list. These will be automatically blocked, even in audit mode, providing immediate protection without requiring any workflow changes.\u003c/p\u003e\n\u003cp\u003eDeploy on Self-Hosted VM: Added \u003ccode\u003edeploy-on-self-hosted-vm\u003c/code\u003e input that allows the Harden Runner agent to be installed directly on ephemeral self-hosted Linux runner VMs at workflow runtime. 
This is intended as an alternative when baking the agent into the VM image is not possible.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/step-security/harden-runner/compare/v2.17.0...v2.18.0\"\u003ehttps://github.com/step-security/harden-runner/compare/v2.17.0...v2.18.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.17.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003ePolicy Store Support\u003c/h3\u003e\n\u003cp\u003eAdded \u003ccode\u003euse-policy-store\u003c/code\u003e and \u003ccode\u003eapi-key\u003c/code\u003e inputs to fetch security policies directly from the \u003ca href=\"https://docs.stepsecurity.io/harden-runner/policy-store\"\u003eStepSecurity Policy Store\u003c/a\u003e. Policies can be defined and attached at the workflow, repo, org, or cluster (ARC) level, with the most granular policy taking precedence. This is the preferred method over the existing \u003ccode\u003epolicy\u003c/code\u003e input which requires \u003ccode\u003eid-token: write\u003c/code\u003e permission. 
If no policy is found in the store, the action defaults to audit mode.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/step-security/harden-runner/compare/v2.16.1...v2.17.0\"\u003ehttps://github.com/step-security/harden-runner/compare/v2.16.1...v2.17.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.16.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eEnterprise tier: Added support for direct IP addresses in the allow list\nCommunity tier: Migrated Harden Runner telemetry to a new endpoint\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/step-security/harden-runner/compare/v2.16.0...v2.16.1\"\u003ehttps://github.com/step-security/harden-runner/compare/v2.16.0...v2.16.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.16.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated action.yml to use node24\u003c/li\u003e\n\u003cli\u003eSecurity fix: Fixed a medium severity vulnerability where the egress block policy could be bypassed via DNS over HTTPS (DoH) by proxying DNS queries through a permitted resolver, allowing data exfiltration even with a restrictive allowed-endpoints list. This issue only affects the Community Tier; the Enterprise Tier is not affected. See \u003ca href=\"https://github.com/step-security/harden-runner/security/advisories/GHSA-46g3-37rh-v698\"\u003eGHSA-46g3-37rh-v698\u003c/a\u003e for details.\u003c/li\u003e\n\u003cli\u003eSecurity fix: Fixed a medium severity vulnerability where the egress block policy could be bypassed via DNS queries over TCP to external resolvers, allowing outbound network communication that evades configured network restrictions. This issue only affects the Community Tier; the Enterprise Tier is not affected. 
See \u003ca href=\"https://github.com/step-security/harden-runner/security/advisories/GHSA-g699-3x6g-wm3g\"\u003eGHSA-g699-3x6g-wm3g\u003c/a\u003e for details.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/step-security/harden-runner/compare/v2.15.1...v2.16.0\"\u003ehttps://github.com/step-security/harden-runner/compare/v2.15.1...v2.16.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/8d3c67de8e2fe68ef647c8db1e6a09f647780f40\"\u003e\u003ccode\u003e8d3c67d\u003c/code\u003e\u003c/a\u003e Release v2.19.0 (\u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/661\"\u003e#661\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/6c3c2f2c1c457b00c10c4848d6f5491db3b629df\"\u003e\u003ccode\u003e6c3c2f2\u003c/code\u003e\u003c/a\u003e Feature/deploy on self hosted vm (\u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/658\"\u003e#658\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/f808768d1510423e83855289c910610ca9b43176\"\u003e\u003ccode\u003ef808768\u003c/code\u003e\u003c/a\u003e Feature/policy store (\u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/656\"\u003e#656\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/fe104658747b27e96e4f7e80cd0a94068e53901d\"\u003e\u003ccode\u003efe10465\u003c/code\u003e\u003c/a\u003e v2.16.1 (\u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/654\"\u003e#654\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca 
href=\"https://github.com/step-security/harden-runner/commit/fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594\"\u003e\u003ccode\u003efa2e9d6\u003c/code\u003e\u003c/a\u003e Release v2.16.0 (\u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/646\"\u003e#646\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/step-security/harden-runner/compare/v2.15.1...8d3c67de8e2fe68ef647c8db1e6a09f647780f40\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n","html_url":"https://github.com/Stirling-Tools/Stirling-PDF/pull/6228","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Stirling-Tools%2FStirling-PDF/issues/6228","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/6228/packages"},{"uuid":"4039702708","node_id":"PR_kwDOI2oX4M7Ix31i","number":5896,"state":"open","title":"build(deps): bump step-security/harden-runner from 2.14.0 to 2.15.1","user":"dependabot[bot]","labels":["dependencies","Docker","Security","API","Test","Github","size:M","github_actions","Devtools","build"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-03-07T22:24:07.000Z","updated_at":"2026-03-07T22:58:57.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps)","packages":[{"name":"step-security/harden-runner","old_version":"2.14.0","new_version":"2.15.1","repository_url":"https://github.com/step-security/harden-runner"}],"path":null,"ecosystem":"docker"},"body":"Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.14.0 to 2.15.1.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/step-security/harden-runner/releases\"\u003estep-security/harden-runner's 
releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.15.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixes \u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/642\"\u003estep-security/harden-runner#642\u003c/a\u003e bug due to which post step was failing on Windows ARM runners\u003c/li\u003e\n\u003cli\u003eUpdates npm packages\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/step-security/harden-runner/compare/v2.15.0...v2.15.1\"\u003ehttps://github.com/step-security/harden-runner/compare/v2.15.0...v2.15.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.15.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eWindows and macOS runner support\u003c/h3\u003e\n\u003cp\u003eWe are excited to announce that Harden Runner now supports \u003cstrong\u003eWindows and macOS runners\u003c/strong\u003e, extending runtime security beyond Linux for the first time.\u003c/p\u003e\n\u003cp\u003eInsights for Windows and macOS runners will be displayed in the same consistent format you are already familiar with from Linux runners, giving you a unified view of runtime activity across all platforms.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/step-security/harden-runner/compare/v2.14.2...v2.15.0\"\u003ehttps://github.com/step-security/harden-runner/compare/v2.14.2...v2.15.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.14.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eSecurity fix: Fixed a medium severity vulnerability where outbound network connections using sendto, sendmsg, and sendmmsg socket system calls could bypass audit logging when using egress-policy: audit. 
This issue only affects the Community Tier in audit mode; block mode and Enterprise Tier were not affected. See \u003ca href=\"https://github.com/step-security/harden-runner/security/advisories/GHSA-cpmj-h4f6-r6pq\"\u003eGHSA-cpmj-h4f6-r6pq\u003c/a\u003e for details.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/step-security/harden-runner/compare/v2.14.1...v2.14.2\"\u003ehttps://github.com/step-security/harden-runner/compare/v2.14.1...v2.14.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.14.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003e\n\u003cp\u003eIn some self-hosted environments, the agent could briefly fall back to public DNS resolvers during startup if the system DNS was not yet available. This behavior was unintended for GitHub-hosted runners and has now been fixed to prevent any use of public DNS resolvers.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed npm audit vulnerabilities\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ol\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/step-security/harden-runner/compare/v2.14.0...v2.14.1\"\u003ehttps://github.com/step-security/harden-runner/compare/v2.14.0...v2.14.1\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/58077d3c7e43986b6b15fba718e8ea69e387dfcc\"\u003e\u003ccode\u003e58077d3\u003c/code\u003e\u003c/a\u003e Release v2.15.1 (\u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/641\"\u003e#641\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/a90bcbc6539c36a85cdfeb73f7e2f433735f215b\"\u003e\u003ccode\u003ea90bcbc\u003c/code\u003e\u003c/a\u003e 
Update readme (\u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/637\"\u003e#637\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/f0a59d88538059e010b6ebd90b74e2740a6d05fc\"\u003e\u003ccode\u003ef0a59d8\u003c/code\u003e\u003c/a\u003e Release v2.15.0 (\u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/639\"\u003e#639\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/5ef0c079ce82195b2a36a210272d6b661572d83e\"\u003e\u003ccode\u003e5ef0c07\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/635\"\u003e#635\u003c/a\u003e from step-security/rc-34\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/eb43c7b3fd5a30c42ff1ab84b494f1cc6c7cc3b6\"\u003e\u003ccode\u003eeb43c7b\u003c/code\u003e\u003c/a\u003e update agent\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/e3f713f2d8f53843e71c69a996d56f51aa9adfb9\"\u003e\u003ccode\u003ee3f713f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/631\"\u003e#631\u003c/a\u003e from step-security/rc-31\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/423acdda6fd4f75f197b7c305a3f2e3d700dc00b\"\u003e\u003ccode\u003e423acdd\u003c/code\u003e\u003c/a\u003e chore: fix npm audit vulnerabilities\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/0ddb86cf0353b79dbed5bb8cef4103700cea70a7\"\u003e\u003ccode\u003e0ddb86c\u003c/code\u003e\u003c/a\u003e update agent\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca 
href=\"https://github.com/step-security/harden-runner/compare/20cf305ff2072d973412fa9b1e3a4f227bda3c76...58077d3c7e43986b6b15fba718e8ea69e387dfcc\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=step-security/harden-runner\u0026package-manager=github_actions\u0026previous-version=2.14.0\u0026new-version=2.15.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it 
yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/Stirling-Tools/Stirling-PDF/pull/5896","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Stirling-Tools%2FStirling-PDF/issues/5896","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/5896/packages"},{"uuid":"2868107060","node_id":"PR_kwDOI2oX4M6q89c0","number":4538,"state":"closed","title":"build(deps): bump step-security/harden-runner from 2.13.0 to 2.13.1","user":"dependabot[bot]","labels":["dependencies","Docker","Security","API","Test","Github","size:M","github_actions","Devtools","build"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":"2025-09-28T20:22:40.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-09-28T16:13:35.000Z","updated_at":"2025-09-28T20:22:40.000Z","time_to_close":14945,"merged_at":"2025-09-28T20:22:40.000Z","merged_by":"Frooodle","closed_by":null,"dependency_metadata":{"prefix":"build(deps)","packages":[{"name":"step-security/harden-runner","old_version":"2.13.0","new_version":"2.13.1","repository_url":"https://github.com/step-security/harden-runner"}],"path":null,"ecosystem":"docker"},"body":"[//]: # (dependabot-start)\n⚠️  **Dependabot is rebasing this PR** ⚠️ \n\nRebasing might not happen immediately, so don't worry if this takes some time.\n\nNote: if you make any changes to this PR yourself, they will take precedence over the rebase.\n\n---\n\n[//]: # (dependabot-end)\n\nBumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.13.0 to 2.13.1.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/step-security/harden-runner/releases\"\u003estep-security/harden-runner's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.13.1\u003c/h2\u003e\n\u003ch2\u003eWhat's 
Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eGraceful handling of HTTP errors: Improved error handling when fetching Harden Runner policies from the StepSecurity Policy Store API, ensuring more reliable execution even in case of temporary network/API issues.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSecurity updates for npm dependencies: Updated vulnerable npm package dependencies to the latest secure versions.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFaster enterprise agent downloads: The enterprise agent is now downloaded from GitHub Releases instead of packages.stepsecurity.io, improving download speed and reliability.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/step-security/harden-runner/compare/v2.13.0...v2.13.1\"\u003ehttps://github.com/step-security/harden-runner/compare/v2.13.0...v2.13.1\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a\"\u003e\u003ccode\u003ef4a75cf\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/588\"\u003e#588\u003c/a\u003e from step-security/rc-26\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/95503d076c107b91d03775aee93f4cb86a134dda\"\u003e\u003ccode\u003e95503d0\u003c/code\u003e\u003c/a\u003e ci: remove code-review workflow\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/4b250a07397b4cabc038948e3d832967764db6b4\"\u003e\u003ccode\u003e4b250a0\u003c/code\u003e\u003c/a\u003e ci: add job to confirm dist is as expected\u003c/li\u003e\n\u003cli\u003e\u003ca 
href=\"https://github.com/step-security/harden-runner/commit/5b0ab6abcf4c643b4ddf49d19fdb13c5821d124b\"\u003e\u003ccode\u003e5b0ab6a\u003c/code\u003e\u003c/a\u003e update dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/d11f2c1d65a99d8b0f20925c425d4d932e6d3366\"\u003e\u003ccode\u003ed11f2c1\u003c/code\u003e\u003c/a\u003e fix bug where status code was not being preserved\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/b3fc98e4dfca39273624a95b9c5fd70d759997e5\"\u003e\u003ccode\u003eb3fc98e\u003c/code\u003e\u003c/a\u003e improve error handling for policy store scenario\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/92fc5d4bf78f09f5494523f3d8f2f85786fe757f\"\u003e\u003ccode\u003e92fc5d4\u003c/code\u003e\u003c/a\u003e update error message\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/b61b0a4938ef1a80f368fbb9a0abcf78846e15a4\"\u003e\u003ccode\u003eb61b0a4\u003c/code\u003e\u003c/a\u003e policy store improvements\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/e3d3f2baeacadcbf3b2ad500171dd444855d4577\"\u003e\u003ccode\u003ee3d3f2b\u003c/code\u003e\u003c/a\u003e use GitHub release instead of packages\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/646ac01e72c16075733090f55857fc2f2d9a7e7a\"\u003e\u003ccode\u003e646ac01\u003c/code\u003e\u003c/a\u003e update agent\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/step-security/harden-runner/compare/ec9f2d5744a09debf3a187a3f4f675c53b671911...f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=step-security/harden-runner\u0026package-manager=github_actions\u0026previous-version=2.13.0\u0026new-version=2.13.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/Stirling-Tools/Stirling-PDF/pull/4538","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Stirling-Tools%2FStirling-PDF/issues/4538","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/4538/packages"},{"uuid":"2816203782","node_id":"PR_kwDONo6NUs6n29wG","number":316,"state":"closed","title":"Bump step-security/harden-runner from 2.12.2 to 2.13.1","user":"dependabot[bot]","labels":["Docker","github-actions","Github","Security","API","Test"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":"2025-09-21T07:37:13.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-09-10T17:16:26.000Z","updated_at":"2025-09-21T07:37:13.000Z","time_to_close":915647,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"step-security/harden-runner","old_version":"2.12.2","new_version":"2.13.1","repository_url":"https://github.com/step-security/harden-runner"}],"path":null,"ecosystem":"docker"},"body":"Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.12.2 to 2.13.1.\n\u003cdetails\u003e\n\u003csummary\u003eRelease 
notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/step-security/harden-runner/releases\"\u003estep-security/harden-runner's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.13.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eGraceful handling of HTTP errors: Improved error handling when fetching Harden Runner policies from the StepSecurity Policy Store API, ensuring more reliable execution even in case of temporary network/API issues.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSecurity updates for npm dependencies: Updated vulnerable npm package dependencies to the latest secure versions.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFaster enterprise agent downloads: The enterprise agent is now downloaded from GitHub Releases instead of packages.stepsecurity.io, improving download speed and reliability.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/step-security/harden-runner/compare/v2.13.0...v2.13.1\"\u003ehttps://github.com/step-security/harden-runner/compare/v2.13.0...v2.13.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.13.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImproved job markdown summary\u003c/li\u003e\n\u003cli\u003eHttps monitoring for all domains (included with the enterprise tier)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/step-security/harden-runner/compare/v2...v2.13.0\"\u003ehttps://github.com/step-security/harden-runner/compare/v2...v2.13.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca 
href=\"https://github.com/step-security/harden-runner/commit/f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a\"\u003e\u003ccode\u003ef4a75cf\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/588\"\u003e#588\u003c/a\u003e from step-security/rc-26\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/95503d076c107b91d03775aee93f4cb86a134dda\"\u003e\u003ccode\u003e95503d0\u003c/code\u003e\u003c/a\u003e ci: remove code-review workflow\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/4b250a07397b4cabc038948e3d832967764db6b4\"\u003e\u003ccode\u003e4b250a0\u003c/code\u003e\u003c/a\u003e ci: add job to confirm dist is as expected\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/5b0ab6abcf4c643b4ddf49d19fdb13c5821d124b\"\u003e\u003ccode\u003e5b0ab6a\u003c/code\u003e\u003c/a\u003e update dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/d11f2c1d65a99d8b0f20925c425d4d932e6d3366\"\u003e\u003ccode\u003ed11f2c1\u003c/code\u003e\u003c/a\u003e fix bug where status code was not being preserved\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/b3fc98e4dfca39273624a95b9c5fd70d759997e5\"\u003e\u003ccode\u003eb3fc98e\u003c/code\u003e\u003c/a\u003e improve error handling for policy store scenario\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/92fc5d4bf78f09f5494523f3d8f2f85786fe757f\"\u003e\u003ccode\u003e92fc5d4\u003c/code\u003e\u003c/a\u003e update error message\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/b61b0a4938ef1a80f368fbb9a0abcf78846e15a4\"\u003e\u003ccode\u003eb61b0a4\u003c/code\u003e\u003c/a\u003e policy store 
improvements\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/e3d3f2baeacadcbf3b2ad500171dd444855d4577\"\u003e\u003ccode\u003ee3d3f2b\u003c/code\u003e\u003c/a\u003e use GitHub release instead of packages\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/646ac01e72c16075733090f55857fc2f2d9a7e7a\"\u003e\u003ccode\u003e646ac01\u003c/code\u003e\u003c/a\u003e update agent\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/step-security/harden-runner/compare/v2.12.2...f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=step-security/harden-runner\u0026package-manager=github_actions\u0026previous-version=2.12.2\u0026new-version=2.13.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. 
You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/Ludy87/test_java/pull/316","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Ludy87%2Ftest_java/issues/316","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/316/packages"},{"uuid":"2630636049","node_id":"PR_kwDOI2oX4M6czFIR","number":3849,"state":"closed","title":"chore(deps): bump step-security/harden-runner from 2.12.1 to 
2.12.2","user":"dependabot[bot]","labels":["dependencies","Docker","Security","API","Test","Github","size:M","github_actions","Devtools"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":"2025-07-01T14:39:13.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-07-01T02:13:19.000Z","updated_at":"2025-07-01T14:39:13.000Z","time_to_close":44754,"merged_at":"2025-07-01T14:39:13.000Z","merged_by":"Frooodle","closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"step-security/harden-runner","old_version":"2.12.1","new_version":"2.12.2","repository_url":"https://github.com/step-security/harden-runner"}],"path":null,"ecosystem":"docker"},"body":"Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.12.1 to 2.12.2.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/step-security/harden-runner/releases\"\u003estep-security/harden-runner's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.12.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eAdded HTTPS Monitoring for additional destinations - *.githubusercontent.com\nBug fixes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eImplicitly allow local multicast, local unicast and broadcast IP addresses in block mode\u003c/li\u003e\n\u003cli\u003eIncreased policy map size for block mode\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/step-security/harden-runner/compare/v2...v2.12.2\"\u003ehttps://github.com/step-security/harden-runner/compare/v2...v2.12.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca 
href=\"https://github.com/step-security/harden-runner/commit/6c439dc8bdf85cadbbce9ed30d1c7b959517bc49\"\u003e\u003ccode\u003e6c439dc\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/562\"\u003e#562\u003c/a\u003e from step-security/rc-22\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/bf5688696d0b2cf8221eadb38e4232386015763a\"\u003e\u003ccode\u003ebf56886\u003c/code\u003e\u003c/a\u003e update agent\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/5436dac7b5fa76a1a179168f5f4de86c00e22c84\"\u003e\u003ccode\u003e5436dac\u003c/code\u003e\u003c/a\u003e update agent\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/88d305a3530acfa6d1939000baaa571e520df9c8\"\u003e\u003ccode\u003e88d305a\u003c/code\u003e\u003c/a\u003e update agent\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/b976878278dbe3bc16039f7165b8faf809c50297\"\u003e\u003ccode\u003eb976878\u003c/code\u003e\u003c/a\u003e update agent\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/875cc92db280a03598e7492a3e6c165c689f7af6\"\u003e\u003ccode\u003e875cc92\u003c/code\u003e\u003c/a\u003e Update agent\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/step-security/harden-runner/compare/002fdce3c6a235733a90a27c80493a3241e56863...6c439dc8bdf85cadbbce9ed30d1c7b959517bc49\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=step-security/harden-runner\u0026package-manager=github_actions\u0026previous-version=2.12.1\u0026new-version=2.12.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/Stirling-Tools/Stirling-PDF/pull/3849","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Stirling-Tools%2FStirling-PDF/issues/3849","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/3849/packages"},{"uuid":"2596772565","node_id":"PR_kwDOI2oX4M6ax5rV","number":3728,"state":"closed","title":"Bump step-security/harden-runner from 2.12.0 to 2.12.1","user":"dependabot[bot]","labels":["dependencies","Docker","Security","API","Test","Github","size:M","github_actions"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":"2025-06-16T22:31:27.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-06-16T20:06:16.000Z","updated_at":"2025-06-16T22:31:28.000Z","time_to_close":8711,"merged_at":"2025-06-16T22:31:27.000Z","merged_by":"Frooodle","closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"step-security/harden-runner","old_version":"2.12.0","new_version":"2.12.1","repository_url":"https://github.com/step-security/harden-runner"}],"path":null,"ecosystem":"docker"},"body":"Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.12.0 to 
2.12.1.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/step-security/harden-runner/releases\"\u003estep-security/harden-runner's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.12.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDetection capabilities have been upgraded to better recognize attempts at runner tampering. These improvements are informed by real-world incident learnings, including analysis of anomalous behaviors observed in the tj-actions and reviewdog supply chain attack.\u003c/li\u003e\n\u003cli\u003eResolved an issue where the block policy was not enforced correctly when the GitHub Actions job was running inside a container on a self-hosted VM runner.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/step-security/harden-runner/compare/v2...v2.12.1\"\u003ehttps://github.com/step-security/harden-runner/compare/v2...v2.12.1\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/002fdce3c6a235733a90a27c80493a3241e56863\"\u003e\u003ccode\u003e002fdce\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/544\"\u003e#544\u003c/a\u003e from step-security/rc-21\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/2489e3fcb3d00eac3cb27c9b490431a4d26eac58\"\u003e\u003ccode\u003e2489e3f\u003c/code\u003e\u003c/a\u003e Merge branch 'main' into rc-21\u003c/li\u003e\n\u003cli\u003e\u003ca 
href=\"https://github.com/step-security/harden-runner/commit/75dd441a816c3c7ea21313ec8ff21d9f7b69f534\"\u003e\u003ccode\u003e75dd441\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/555\"\u003e#555\u003c/a\u003e from step-security/dependabot/github_actions/step-sec...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/4381ace9c4db180c9cc8ff9a6dd4220f17a95690\"\u003e\u003ccode\u003e4381ace\u003c/code\u003e\u003c/a\u003e Bump step-security/publish-unit-test-result-action from 2.19.0 to 2.20.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/a9da90b635b492e68edb2a24949fcab1e313e9eb\"\u003e\u003ccode\u003ea9da90b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/553\"\u003e#553\u003c/a\u003e from h0x0er/feat/container-workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/a60ef21c0c1f49c7ac6c8d65b6f4d16d419789c1\"\u003e\u003ccode\u003ea60ef21\u003c/code\u003e\u003c/a\u003e update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/4ad512f16553ff1c022684cc96be0329a7618db8\"\u003e\u003ccode\u003e4ad512f\u003c/code\u003e\u003c/a\u003e Merge branch 'rc-21' into feat/container-workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/6b41a3923518db2abe77790e47793760b5c47c28\"\u003e\u003ccode\u003e6b41a39\u003c/code\u003e\u003c/a\u003e fixed test case\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/fa70c45ca9a73bcef023a3e6afac49ffa3007480\"\u003e\u003ccode\u003efa70c45\u003c/code\u003e\u003c/a\u003e update agent\u003c/li\u003e\n\u003cli\u003e\u003ca 
href=\"https://github.com/step-security/harden-runner/commit/eb47845632e48a7532e7e363ba78b9bc48c09264\"\u003e\u003ccode\u003eeb47845\u003c/code\u003e\u003c/a\u003e self-hosted: refactored block-policy apply logic\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/step-security/harden-runner/compare/0634a2670c59f64b4a01f0f96f84700a4088b9f0...002fdce3c6a235733a90a27c80493a3241e56863\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=step-security/harden-runner\u0026package-manager=github_actions\u0026previous-version=2.12.0\u0026new-version=2.12.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/Stirling-Tools/Stirling-PDF/pull/3728","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Stirling-Tools%2FStirling-PDF/issues/3728","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/3728/packages"},{"uuid":"3137616282","node_id":"PR_kwDONo6NUs6aE3c_","number":181,"state":"open","title":"Bump step-security/harden-runner from 2.12.0 to 2.12.1","user":"dependabot[bot]","labels":["Docker","Github","Security","API","Test","Bump"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-06-11T17:33:10.000Z","updated_at":"2025-06-21T19:06:22.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"step-security/harden-runner","old_version":"2.12.0","new_version":"2.12.1","repository_url":"https://github.com/step-security/harden-runner"}],"path":null,"ecosystem":"docker"},"body":"Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.12.0 to 2.12.1.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca 
href=\"https://github.com/step-security/harden-runner/releases\"\u003estep-security/harden-runner's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.12.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDetection capabilities have been upgraded to better recognize attempts at runner tampering. These improvements are informed by real-world incident learnings, including analysis of anomalous behaviors observed in the tj-actions and reviewdog supply chain attack.\u003c/li\u003e\n\u003cli\u003eResolved an issue where the block policy was not enforced correctly when the GitHub Actions job was running inside a container on a self-hosted VM runner.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/step-security/harden-runner/compare/v2...v2.12.1\"\u003ehttps://github.com/step-security/harden-runner/compare/v2...v2.12.1\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/002fdce3c6a235733a90a27c80493a3241e56863\"\u003e\u003ccode\u003e002fdce\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/544\"\u003e#544\u003c/a\u003e from step-security/rc-21\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/2489e3fcb3d00eac3cb27c9b490431a4d26eac58\"\u003e\u003ccode\u003e2489e3f\u003c/code\u003e\u003c/a\u003e Merge branch 'main' into rc-21\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/75dd441a816c3c7ea21313ec8ff21d9f7b69f534\"\u003e\u003ccode\u003e75dd441\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca 
href=\"https://redirect.github.com/step-security/harden-runner/issues/555\"\u003e#555\u003c/a\u003e from step-security/dependabot/github_actions/step-sec...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/4381ace9c4db180c9cc8ff9a6dd4220f17a95690\"\u003e\u003ccode\u003e4381ace\u003c/code\u003e\u003c/a\u003e Bump step-security/publish-unit-test-result-action from 2.19.0 to 2.20.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/a9da90b635b492e68edb2a24949fcab1e313e9eb\"\u003e\u003ccode\u003ea9da90b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/553\"\u003e#553\u003c/a\u003e from h0x0er/feat/container-workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/a60ef21c0c1f49c7ac6c8d65b6f4d16d419789c1\"\u003e\u003ccode\u003ea60ef21\u003c/code\u003e\u003c/a\u003e update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/4ad512f16553ff1c022684cc96be0329a7618db8\"\u003e\u003ccode\u003e4ad512f\u003c/code\u003e\u003c/a\u003e Merge branch 'rc-21' into feat/container-workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/6b41a3923518db2abe77790e47793760b5c47c28\"\u003e\u003ccode\u003e6b41a39\u003c/code\u003e\u003c/a\u003e fixed test case\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/fa70c45ca9a73bcef023a3e6afac49ffa3007480\"\u003e\u003ccode\u003efa70c45\u003c/code\u003e\u003c/a\u003e update agent\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/eb47845632e48a7532e7e363ba78b9bc48c09264\"\u003e\u003ccode\u003eeb47845\u003c/code\u003e\u003c/a\u003e self-hosted: refactored block-policy apply logic\u003c/li\u003e\n\u003cli\u003eAdditional commits 
viewable in \u003ca href=\"https://github.com/step-security/harden-runner/compare/0634a2670c59f64b4a01f0f96f84700a4088b9f0...002fdce3c6a235733a90a27c80493a3241e56863\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=step-security/harden-runner\u0026package-manager=github_actions\u0026previous-version=2.12.0\u0026new-version=2.12.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/Ludy87/test_java/pull/181","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Ludy87%2Ftest_java/issues/181","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/181/packages"},{"uuid":"2800098036","node_id":"PR_kwDONo6NUs6IZpVC","number":78,"state":"closed","title":"Bump step-security/harden-runner from 2.10.3 to 2.10.4","user":"dependabot[bot]","labels":["Docker","github-actions","Github","Security","API","Test"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2025-01-20T19:08:14.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-01-20T18:48:00.000Z","updated_at":"2025-05-25T08:55:46.000Z","time_to_close":1214,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"step-security/harden-runner","old_version":"2.10.3","new_version":"2.10.4","repository_url":"https://github.com/step-security/harden-runner"}],"path":null,"ecosystem":"docker"},"body":"[//]: # (dependabot-start)\n⚠️  **Dependabot is rebasing this PR** ⚠️ \n\nRebasing might not happen immediately, so don't worry if this takes some time.\n\nNote: if you make any changes to this PR yourself, they will take 
precedence over the rebase.\n\n---\n\n[//]: # (dependabot-end)\n\nBumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.10.3 to 2.10.4.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/step-security/harden-runner/releases\"\u003estep-security/harden-runner's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.10.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eFixed a potential Harden-Runner post step failure that could occur when printing agent service logs. The fix gracefully handles failures without failing the post step.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/step-security/harden-runner/compare/v2...v2.10.4\"\u003ehttps://github.com/step-security/harden-runner/compare/v2...v2.10.4\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/cb605e52c26070c328afc4562f0b4ada7618a84e\"\u003e\u003ccode\u003ecb605e5\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/496\"\u003e#496\u003c/a\u003e from step-security/fix-enobufs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/61144dda3ba7a45a4e879e99c548ff785b492364\"\u003e\u003ccode\u003e61144dd\u003c/code\u003e\u003c/a\u003e Update log statement\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/b8be370ff4fa3a7b5d97afe5cbb1921a734fffcc\"\u003e\u003ccode\u003eb8be370\u003c/code\u003e\u003c/a\u003e Add try catch block\u003c/li\u003e\n\u003cli\u003e\u003ca 
href=\"https://github.com/step-security/harden-runner/commit/6f6fa07e47155133e69ca8a751aad4ff01a292b1\"\u003e\u003ccode\u003e6f6fa07\u003c/code\u003e\u003c/a\u003e Fix ENOBUFS issue\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/18f6947f131da60743dc12d2a22ff28c2b4ea87f\"\u003e\u003ccode\u003e18f6947\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/495\"\u003e#495\u003c/a\u003e from AkhigbeEromo/Update-README\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/81f844e74365cf557ddf3715c247f745a115a5b2\"\u003e\u003ccode\u003e81f844e\u003c/code\u003e\u003c/a\u003e Edit docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/4c766de2db7a0b0a47e5728947c16e113c64f377\"\u003e\u003ccode\u003e4c766de\u003c/code\u003e\u003c/a\u003e Merge branch 'Update-README' of \u003ca href=\"https://github.com/AkhigbeEromo/harden-runner\"\u003ehttps://github.com/AkhigbeEromo/harden-runner\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/c9c5f3273c74d0365949a3aa120e85977f51d1ef\"\u003e\u003ccode\u003ec9c5f32\u003c/code\u003e\u003c/a\u003e Handle Ashish reviews\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/2877824267faf8efc084b00de71c0fe737ff0a76\"\u003e\u003ccode\u003e2877824\u003c/code\u003e\u003c/a\u003e Merge branch 'main' into Update-README\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/be87de076dd7a9aa9a9220dc9488dea2f8775db0\"\u003e\u003ccode\u003ebe87de0\u003c/code\u003e\u003c/a\u003e Clean up\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca 
href=\"https://github.com/step-security/harden-runner/compare/c95a14d0e5bab51a9f56296a4eb0e416910cd350...cb605e52c26070c328afc4562f0b4ada7618a84e\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=step-security/harden-runner\u0026package-manager=github_actions\u0026previous-version=2.10.3\u0026new-version=2.10.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/Ludy87/test_java/pull/78","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Ludy87%2Ftest_java/issues/78","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/78/packages"}],"issue_packages":[{"old_version":"2.15.1","new_version":"2.19.0","update_type":"minor","path":null,"pr_created_at":"2026-04-25T22:23:01.000Z","version_change":"2.15.1 → 2.19.0","issue":{"uuid":"4329387090","node_id":"PR_kwDOI2oX4M7Vpt8k","number":6228,"state":"open","title":"build(deps): bump step-security/harden-runner from 2.15.1 to 2.19.0","user":"dependabot[bot]","labels":["dependencies","Docker","Security","API","Test","Github","size:XS","github_actions","Devtools","build"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-04-25T22:23:01.000Z","updated_at":"2026-04-30T21:54:20.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps)","packages":[{"name":"step-security/harden-runner","old_version":"2.15.1","new_version":"2.19.0","repository_url":"https://github.com/step-security/harden-runner"}],"path":null,"ecosystem":"docker"},"body":"Bumps 
[step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.15.1 to 2.19.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/step-security/harden-runner/releases\"\u003estep-security/harden-runner's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.19.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eNew Runner Support\u003c/h3\u003e\n\u003cp\u003eHarden-Runner now supports Depot, Blacksmith, Namespace, and WarpBuild runners with the same egress monitoring, runtime monitoring, and policy enforcement available on GitHub-hosted runners.\u003c/p\u003e\n\u003ch3\u003eAutomated Incident Response for Supply Chain Attacks\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eGlobal block list: Outbound connections to known malicious domains and IPs are now blocked even in audit mode.\u003c/li\u003e\n\u003cli\u003eSystem-defined detection rules: Harden-Runner will trigger lockdown mode when a high risk event is detected during an active supply chain attack (for example, a process reading the memory of the runner worker process, a common technique for stealing GitHub Actions secrets).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cp\u003eWindows and macOS: stability and reliability fixes\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/step-security/harden-runner/compare/v2.18.0...v2.19.0\"\u003ehttps://github.com/step-security/harden-runner/compare/v2.18.0...v2.19.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.18.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eGlobal Block List: During supply chain incidents like the recent axios and trivy compromises, StepSecurity will add known malicious domains and IP addresses (IOCs) to a global block list. 
These will be automatically blocked, even in audit mode, providing immediate protection without requiring any workflow changes.\u003c/p\u003e\n\u003cp\u003eDeploy on Self-Hosted VM: Added \u003ccode\u003edeploy-on-self-hosted-vm\u003c/code\u003e input that allows the Harden Runner agent to be installed directly on ephemeral self-hosted Linux runner VMs at workflow runtime. This is intended as an alternative when baking the agent into the VM image is not possible.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/step-security/harden-runner/compare/v2.17.0...v2.18.0\"\u003ehttps://github.com/step-security/harden-runner/compare/v2.17.0...v2.18.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.17.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003ePolicy Store Support\u003c/h3\u003e\n\u003cp\u003eAdded \u003ccode\u003euse-policy-store\u003c/code\u003e and \u003ccode\u003eapi-key\u003c/code\u003e inputs to fetch security policies directly from the \u003ca href=\"https://docs.stepsecurity.io/harden-runner/policy-store\"\u003eStepSecurity Policy Store\u003c/a\u003e. Policies can be defined and attached at the workflow, repo, org, or cluster (ARC) level, with the most granular policy taking precedence. This is the preferred method over the existing \u003ccode\u003epolicy\u003c/code\u003e input which requires \u003ccode\u003eid-token: write\u003c/code\u003e permission. 
If no policy is found in the store, the action defaults to audit mode.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/step-security/harden-runner/compare/v2.16.1...v2.17.0\"\u003ehttps://github.com/step-security/harden-runner/compare/v2.16.1...v2.17.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.16.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eEnterprise tier: Added support for direct IP addresses in the allow list\nCommunity tier: Migrated Harden Runner telemetry to a new endpoint\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/step-security/harden-runner/compare/v2.16.0...v2.16.1\"\u003ehttps://github.com/step-security/harden-runner/compare/v2.16.0...v2.16.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.16.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated action.yml to use node24\u003c/li\u003e\n\u003cli\u003eSecurity fix: Fixed a medium severity vulnerability where the egress block policy could be bypassed via DNS over HTTPS (DoH) by proxying DNS queries through a permitted resolver, allowing data exfiltration even with a restrictive allowed-endpoints list. This issue only affects the Community Tier; the Enterprise Tier is not affected. See \u003ca href=\"https://github.com/step-security/harden-runner/security/advisories/GHSA-46g3-37rh-v698\"\u003eGHSA-46g3-37rh-v698\u003c/a\u003e for details.\u003c/li\u003e\n\u003cli\u003eSecurity fix: Fixed a medium severity vulnerability where the egress block policy could be bypassed via DNS queries over TCP to external resolvers, allowing outbound network communication that evades configured network restrictions. This issue only affects the Community Tier; the Enterprise Tier is not affected. 
See \u003ca href=\"https://github.com/step-security/harden-runner/security/advisories/GHSA-g699-3x6g-wm3g\"\u003eGHSA-g699-3x6g-wm3g\u003c/a\u003e for details.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/step-security/harden-runner/compare/v2.15.1...v2.16.0\"\u003ehttps://github.com/step-security/harden-runner/compare/v2.15.1...v2.16.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/8d3c67de8e2fe68ef647c8db1e6a09f647780f40\"\u003e\u003ccode\u003e8d3c67d\u003c/code\u003e\u003c/a\u003e Release v2.19.0 (\u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/661\"\u003e#661\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/6c3c2f2c1c457b00c10c4848d6f5491db3b629df\"\u003e\u003ccode\u003e6c3c2f2\u003c/code\u003e\u003c/a\u003e Feature/deploy on self hosted vm (\u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/658\"\u003e#658\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/f808768d1510423e83855289c910610ca9b43176\"\u003e\u003ccode\u003ef808768\u003c/code\u003e\u003c/a\u003e Feature/policy store (\u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/656\"\u003e#656\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/fe104658747b27e96e4f7e80cd0a94068e53901d\"\u003e\u003ccode\u003efe10465\u003c/code\u003e\u003c/a\u003e v2.16.1 (\u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/654\"\u003e#654\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca 
href=\"https://github.com/step-security/harden-runner/commit/fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594\"\u003e\u003ccode\u003efa2e9d6\u003c/code\u003e\u003c/a\u003e Release v2.16.0 (\u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/646\"\u003e#646\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/step-security/harden-runner/compare/v2.15.1...8d3c67de8e2fe68ef647c8db1e6a09f647780f40\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n","html_url":"https://github.com/Stirling-Tools/Stirling-PDF/pull/6228","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Stirling-Tools%2FStirling-PDF/issues/6228","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/6228/packages"}},{"old_version":"2.14.0","new_version":"2.15.1","update_type":"minor","path":null,"pr_created_at":"2026-03-07T22:24:07.000Z","version_change":"2.14.0 → 2.15.1","issue":{"uuid":"4039702708","node_id":"PR_kwDOI2oX4M7Ix31i","number":5896,"state":"open","title":"build(deps): bump step-security/harden-runner from 2.14.0 to 2.15.1","user":"dependabot[bot]","labels":["dependencies","Docker","Security","API","Test","Github","size:M","github_actions","Devtools","build"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-03-07T22:24:07.000Z","updated_at":"2026-03-07T22:58:57.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps)","packages":[{"name":"step-security/harden-runner","old_version":"2.14.0","new_version":"2.15.1","repository_url":"https://github.com/step-security/harden-runner"}],"path":null,"ecosystem":"docker"},"body":"Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.14.0 to 2.15.1.\n\u003cdetails\u003e\n\u003csummary\u003eRelease 
notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/step-security/harden-runner/releases\"\u003estep-security/harden-runner's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.15.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixes \u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/642\"\u003estep-security/harden-runner#642\u003c/a\u003e bug due to which post step was failing on Windows ARM runners\u003c/li\u003e\n\u003cli\u003eUpdates npm packages\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/step-security/harden-runner/compare/v2.15.0...v2.15.1\"\u003ehttps://github.com/step-security/harden-runner/compare/v2.15.0...v2.15.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.15.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eWindows and macOS runner support\u003c/h3\u003e\n\u003cp\u003eWe are excited to announce that Harden Runner now supports \u003cstrong\u003eWindows and macOS runners\u003c/strong\u003e, extending runtime security beyond Linux for the first time.\u003c/p\u003e\n\u003cp\u003eInsights for Windows and macOS runners will be displayed in the same consistent format you are already familiar with from Linux runners, giving you a unified view of runtime activity across all platforms.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/step-security/harden-runner/compare/v2.14.2...v2.15.0\"\u003ehttps://github.com/step-security/harden-runner/compare/v2.14.2...v2.15.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.14.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eSecurity fix: Fixed a medium severity vulnerability where outbound network connections using sendto, sendmsg, and sendmmsg socket 
system calls could bypass audit logging when using egress-policy: audit. This issue only affects the Community Tier in audit mode; block mode and Enterprise Tier were not affected. See \u003ca href=\"https://github.com/step-security/harden-runner/security/advisories/GHSA-cpmj-h4f6-r6pq\"\u003eGHSA-cpmj-h4f6-r6pq\u003c/a\u003e for details.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/step-security/harden-runner/compare/v2.14.1...v2.14.2\"\u003ehttps://github.com/step-security/harden-runner/compare/v2.14.1...v2.14.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.14.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003e\n\u003cp\u003eIn some self-hosted environments, the agent could briefly fall back to public DNS resolvers during startup if the system DNS was not yet available. This behavior was unintended for GitHub-hosted runners and has now been fixed to prevent any use of public DNS resolvers.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed npm audit vulnerabilities\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ol\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/step-security/harden-runner/compare/v2.14.0...v2.14.1\"\u003ehttps://github.com/step-security/harden-runner/compare/v2.14.0...v2.14.1\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/58077d3c7e43986b6b15fba718e8ea69e387dfcc\"\u003e\u003ccode\u003e58077d3\u003c/code\u003e\u003c/a\u003e Release v2.15.1 (\u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/641\"\u003e#641\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca 
href=\"https://github.com/step-security/harden-runner/commit/a90bcbc6539c36a85cdfeb73f7e2f433735f215b\"\u003e\u003ccode\u003ea90bcbc\u003c/code\u003e\u003c/a\u003e Update readme (\u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/637\"\u003e#637\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/f0a59d88538059e010b6ebd90b74e2740a6d05fc\"\u003e\u003ccode\u003ef0a59d8\u003c/code\u003e\u003c/a\u003e Release v2.15.0 (\u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/639\"\u003e#639\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/5ef0c079ce82195b2a36a210272d6b661572d83e\"\u003e\u003ccode\u003e5ef0c07\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/635\"\u003e#635\u003c/a\u003e from step-security/rc-34\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/eb43c7b3fd5a30c42ff1ab84b494f1cc6c7cc3b6\"\u003e\u003ccode\u003eeb43c7b\u003c/code\u003e\u003c/a\u003e update agent\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/e3f713f2d8f53843e71c69a996d56f51aa9adfb9\"\u003e\u003ccode\u003ee3f713f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/631\"\u003e#631\u003c/a\u003e from step-security/rc-31\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/423acdda6fd4f75f197b7c305a3f2e3d700dc00b\"\u003e\u003ccode\u003e423acdd\u003c/code\u003e\u003c/a\u003e chore: fix npm audit vulnerabilities\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/0ddb86cf0353b79dbed5bb8cef4103700cea70a7\"\u003e\u003ccode\u003e0ddb86c\u003c/code\u003e\u003c/a\u003e update 
agent\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/step-security/harden-runner/compare/20cf305ff2072d973412fa9b1e3a4f227bda3c76...58077d3c7e43986b6b15fba718e8ea69e387dfcc\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=step-security/harden-runner\u0026package-manager=github_actions\u0026previous-version=2.14.0\u0026new-version=2.15.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it 
yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/Stirling-Tools/Stirling-PDF/pull/5896","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Stirling-Tools%2FStirling-PDF/issues/5896","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/5896/packages"}},{"old_version":"2.13.0","new_version":"2.13.1","update_type":"patch","path":null,"pr_created_at":"2025-09-28T16:13:35.000Z","version_change":"2.13.0 → 2.13.1","issue":{"uuid":"2868107060","node_id":"PR_kwDOI2oX4M6q89c0","number":4538,"state":"closed","title":"build(deps): bump step-security/harden-runner from 2.13.0 to 2.13.1","user":"dependabot[bot]","labels":["dependencies","Docker","Security","API","Test","Github","size:M","github_actions","Devtools","build"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":"2025-09-28T20:22:40.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-09-28T16:13:35.000Z","updated_at":"2025-09-28T20:22:40.000Z","time_to_close":14945,"merged_at":"2025-09-28T20:22:40.000Z","merged_by":"Frooodle","closed_by":null,"dependency_metadata":{"prefix":"build(deps)","packages":[{"name":"step-security/harden-runner","old_version":"2.13.0","new_version":"2.13.1","repository_url":"https://github.com/step-security/harden-runner"}],"path":null,"ecosystem":"docker"},"body":"[//]: # (dependabot-start)\n⚠️  **Dependabot is rebasing this PR** ⚠️ \n\nRebasing might not happen immediately, so don't worry if this takes some time.\n\nNote: if you make any changes to this PR yourself, they will take precedence over the rebase.\n\n---\n\n[//]: # (dependabot-end)\n\nBumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.13.0 to 2.13.1.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/step-security/harden-runner/releases\"\u003estep-security/harden-runner's 
releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.13.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eGraceful handling of HTTP errors: Improved error handling when fetching Harden Runner policies from the StepSecurity Policy Store API, ensuring more reliable execution even in case of temporary network/API issues.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSecurity updates for npm dependencies: Updated vulnerable npm package dependencies to the latest secure versions.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFaster enterprise agent downloads: The enterprise agent is now downloaded from GitHub Releases instead of packages.stepsecurity.io, improving download speed and reliability.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/step-security/harden-runner/compare/v2.13.0...v2.13.1\"\u003ehttps://github.com/step-security/harden-runner/compare/v2.13.0...v2.13.1\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a\"\u003e\u003ccode\u003ef4a75cf\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/588\"\u003e#588\u003c/a\u003e from step-security/rc-26\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/95503d076c107b91d03775aee93f4cb86a134dda\"\u003e\u003ccode\u003e95503d0\u003c/code\u003e\u003c/a\u003e ci: remove code-review workflow\u003c/li\u003e\n\u003cli\u003e\u003ca 
href=\"https://github.com/step-security/harden-runner/commit/4b250a07397b4cabc038948e3d832967764db6b4\"\u003e\u003ccode\u003e4b250a0\u003c/code\u003e\u003c/a\u003e ci: add job to confirm dist is as expected\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/5b0ab6abcf4c643b4ddf49d19fdb13c5821d124b\"\u003e\u003ccode\u003e5b0ab6a\u003c/code\u003e\u003c/a\u003e update dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/d11f2c1d65a99d8b0f20925c425d4d932e6d3366\"\u003e\u003ccode\u003ed11f2c1\u003c/code\u003e\u003c/a\u003e fix bug where status code was not being preserved\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/b3fc98e4dfca39273624a95b9c5fd70d759997e5\"\u003e\u003ccode\u003eb3fc98e\u003c/code\u003e\u003c/a\u003e improve error handling for policy store sceanrio\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/92fc5d4bf78f09f5494523f3d8f2f85786fe757f\"\u003e\u003ccode\u003e92fc5d4\u003c/code\u003e\u003c/a\u003e update error message\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/b61b0a4938ef1a80f368fbb9a0abcf78846e15a4\"\u003e\u003ccode\u003eb61b0a4\u003c/code\u003e\u003c/a\u003e policy store improvements\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/e3d3f2baeacadcbf3b2ad500171dd444855d4577\"\u003e\u003ccode\u003ee3d3f2b\u003c/code\u003e\u003c/a\u003e use GitHub release instead of packages\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/646ac01e72c16075733090f55857fc2f2d9a7e7a\"\u003e\u003ccode\u003e646ac01\u003c/code\u003e\u003c/a\u003e update agent\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca 
href=\"https://github.com/step-security/harden-runner/compare/ec9f2d5744a09debf3a187a3f4f675c53b671911...f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=step-security/harden-runner\u0026package-manager=github_actions\u0026previous-version=2.13.0\u0026new-version=2.13.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/Stirling-Tools/Stirling-PDF/pull/4538","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Stirling-Tools%2FStirling-PDF/issues/4538","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/4538/packages"}},{"old_version":"2.12.2","new_version":"2.13.1","update_type":"minor","path":null,"pr_created_at":"2025-09-10T17:16:26.000Z","version_change":"2.12.2 → 2.13.1","issue":{"uuid":"2816203782","node_id":"PR_kwDONo6NUs6n29wG","number":316,"state":"closed","title":"Bump step-security/harden-runner from 2.12.2 to 2.13.1","user":"dependabot[bot]","labels":["Docker","github-actions","Github","Security","API","Test"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":"2025-09-21T07:37:13.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-09-10T17:16:26.000Z","updated_at":"2025-09-21T07:37:13.000Z","time_to_close":915647,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"step-security/harden-runner","old_version":"2.12.2","new_version":"2.13.1","repository_url":"https://github.com/step-security/harden-runner"}],"path":null,"ecosystem":"docker"},"body":"Bumps 
[step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.12.2 to 2.13.1.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/step-security/harden-runner/releases\"\u003estep-security/harden-runner's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.13.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eGraceful handling of HTTP errors: Improved error handling when fetching Harden Runner policies from the StepSecurity Policy Store API, ensuring more reliable execution even in case of temporary network/API issues.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSecurity updates for npm dependencies: Updated vulnerable npm package dependencies to the latest secure versions.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFaster enterprise agent downloads: The enterprise agent is now downloaded from GitHub Releases instead of packages.stepsecurity.io, improving download speed and reliability.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/step-security/harden-runner/compare/v2.13.0...v2.13.1\"\u003ehttps://github.com/step-security/harden-runner/compare/v2.13.0...v2.13.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.13.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImproved job markdown summary\u003c/li\u003e\n\u003cli\u003eHttps monitoring for all domains (included with the enterprise tier)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca 
href=\"https://github.com/step-security/harden-runner/compare/v2...v2.13.0\"\u003ehttps://github.com/step-security/harden-runner/compare/v2...v2.13.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a\"\u003e\u003ccode\u003ef4a75cf\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/588\"\u003e#588\u003c/a\u003e from step-security/rc-26\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/95503d076c107b91d03775aee93f4cb86a134dda\"\u003e\u003ccode\u003e95503d0\u003c/code\u003e\u003c/a\u003e ci: remove code-review workflow\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/4b250a07397b4cabc038948e3d832967764db6b4\"\u003e\u003ccode\u003e4b250a0\u003c/code\u003e\u003c/a\u003e ci: add job to confirm dist is as expected\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/5b0ab6abcf4c643b4ddf49d19fdb13c5821d124b\"\u003e\u003ccode\u003e5b0ab6a\u003c/code\u003e\u003c/a\u003e update dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/d11f2c1d65a99d8b0f20925c425d4d932e6d3366\"\u003e\u003ccode\u003ed11f2c1\u003c/code\u003e\u003c/a\u003e fix bug where status code was not being preserved\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/b3fc98e4dfca39273624a95b9c5fd70d759997e5\"\u003e\u003ccode\u003eb3fc98e\u003c/code\u003e\u003c/a\u003e improve error handling for policy store sceanrio\u003c/li\u003e\n\u003cli\u003e\u003ca 
href=\"https://github.com/step-security/harden-runner/commit/92fc5d4bf78f09f5494523f3d8f2f85786fe757f\"\u003e\u003ccode\u003e92fc5d4\u003c/code\u003e\u003c/a\u003e update error message\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/b61b0a4938ef1a80f368fbb9a0abcf78846e15a4\"\u003e\u003ccode\u003eb61b0a4\u003c/code\u003e\u003c/a\u003e policy store improvements\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/e3d3f2baeacadcbf3b2ad500171dd444855d4577\"\u003e\u003ccode\u003ee3d3f2b\u003c/code\u003e\u003c/a\u003e use GitHub release instead of packages\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/646ac01e72c16075733090f55857fc2f2d9a7e7a\"\u003e\u003ccode\u003e646ac01\u003c/code\u003e\u003c/a\u003e update agent\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/step-security/harden-runner/compare/v2.12.2...f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=step-security/harden-runner\u0026package-manager=github_actions\u0026previous-version=2.12.2\u0026new-version=2.13.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. 
You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/Ludy87/test_java/pull/316","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Ludy87%2Ftest_java/issues/316","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/316/packages"}},{"old_version":"2.12.1","new_version":"2.12.2","update_type":"patch","path":null,"pr_created_at":"2025-07-01T02:13:19.000Z","version_change":"2.12.1 → 
2.12.2","issue":{"uuid":"2630636049","node_id":"PR_kwDOI2oX4M6czFIR","number":3849,"state":"closed","title":"chore(deps): bump step-security/harden-runner from 2.12.1 to 2.12.2","user":"dependabot[bot]","labels":["dependencies","Docker","Security","API","Test","Github","size:M","github_actions","Devtools"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":"2025-07-01T14:39:13.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-07-01T02:13:19.000Z","updated_at":"2025-07-01T14:39:13.000Z","time_to_close":44754,"merged_at":"2025-07-01T14:39:13.000Z","merged_by":"Frooodle","closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"step-security/harden-runner","old_version":"2.12.1","new_version":"2.12.2","repository_url":"https://github.com/step-security/harden-runner"}],"path":null,"ecosystem":"docker"},"body":"Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.12.1 to 2.12.2.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/step-security/harden-runner/releases\"\u003estep-security/harden-runner's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.12.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eAdded HTTPS Monitoring for additional destinations - *.githubusercontent.com\nBug fixes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eImplicitly allow local multicast, local unicast and broadcast IP addresses in block mode\u003c/li\u003e\n\u003cli\u003eIncreased policy map size for block mode\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca 
href=\"https://github.com/step-security/harden-runner/compare/v2...v2.12.2\"\u003ehttps://github.com/step-security/harden-runner/compare/v2...v2.12.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/6c439dc8bdf85cadbbce9ed30d1c7b959517bc49\"\u003e\u003ccode\u003e6c439dc\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/562\"\u003e#562\u003c/a\u003e from step-security/rc-22\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/bf5688696d0b2cf8221eadb38e4232386015763a\"\u003e\u003ccode\u003ebf56886\u003c/code\u003e\u003c/a\u003e update agent\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/5436dac7b5fa76a1a179168f5f4de86c00e22c84\"\u003e\u003ccode\u003e5436dac\u003c/code\u003e\u003c/a\u003e update agent\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/88d305a3530acfa6d1939000baaa571e520df9c8\"\u003e\u003ccode\u003e88d305a\u003c/code\u003e\u003c/a\u003e update agent\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/b976878278dbe3bc16039f7165b8faf809c50297\"\u003e\u003ccode\u003eb976878\u003c/code\u003e\u003c/a\u003e update agent\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/875cc92db280a03598e7492a3e6c165c689f7af6\"\u003e\u003ccode\u003e875cc92\u003c/code\u003e\u003c/a\u003e Update agent\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/step-security/harden-runner/compare/002fdce3c6a235733a90a27c80493a3241e56863...6c439dc8bdf85cadbbce9ed30d1c7b959517bc49\"\u003ecompare 
view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=step-security/harden-runner\u0026package-manager=github_actions\u0026previous-version=2.12.1\u0026new-version=2.12.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/Stirling-Tools/Stirling-PDF/pull/3849","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Stirling-Tools%2FStirling-PDF/issues/3849","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/3849/packages"}},{"old_version":"2.12.0","new_version":"2.12.1","update_type":"patch","path":null,"pr_created_at":"2025-06-16T20:06:16.000Z","version_change":"2.12.0 → 2.12.1","issue":{"uuid":"2596772565","node_id":"PR_kwDOI2oX4M6ax5rV","number":3728,"state":"closed","title":"Bump step-security/harden-runner from 2.12.0 to 
2.12.1","user":"dependabot[bot]","labels":["dependencies","Docker","Security","API","Test","Github","size:M","github_actions"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":"2025-06-16T22:31:27.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-06-16T20:06:16.000Z","updated_at":"2025-06-16T22:31:28.000Z","time_to_close":8711,"merged_at":"2025-06-16T22:31:27.000Z","merged_by":"Frooodle","closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"step-security/harden-runner","old_version":"2.12.0","new_version":"2.12.1","repository_url":"https://github.com/step-security/harden-runner"}],"path":null,"ecosystem":"docker"},"body":"Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.12.0 to 2.12.1.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/step-security/harden-runner/releases\"\u003estep-security/harden-runner's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.12.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDetection capabilities have been upgraded to better recognize attempts at runner tampering. 
These improvements are informed by real-world incident learnings, including analysis of anomalous behaviors observed in the tj-actions and reviewdog supply chain attack.\u003c/li\u003e\n\u003cli\u003eResolved an issue where the block policy was not enforced correctly when the GitHub Actions job was running inside a container on a self-hosted VM runner.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/step-security/harden-runner/compare/v2...v2.12.1\"\u003ehttps://github.com/step-security/harden-runner/compare/v2...v2.12.1\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/002fdce3c6a235733a90a27c80493a3241e56863\"\u003e\u003ccode\u003e002fdce\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/544\"\u003e#544\u003c/a\u003e from step-security/rc-21\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/2489e3fcb3d00eac3cb27c9b490431a4d26eac58\"\u003e\u003ccode\u003e2489e3f\u003c/code\u003e\u003c/a\u003e Merge branch 'main' into rc-21\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/75dd441a816c3c7ea21313ec8ff21d9f7b69f534\"\u003e\u003ccode\u003e75dd441\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/555\"\u003e#555\u003c/a\u003e from step-security/dependabot/github_actions/step-sec...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/4381ace9c4db180c9cc8ff9a6dd4220f17a95690\"\u003e\u003ccode\u003e4381ace\u003c/code\u003e\u003c/a\u003e Bump step-security/publish-unit-test-result-action from 2.19.0 to 
2.20.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/a9da90b635b492e68edb2a24949fcab1e313e9eb\"\u003e\u003ccode\u003ea9da90b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/553\"\u003e#553\u003c/a\u003e from h0x0er/feat/container-workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/a60ef21c0c1f49c7ac6c8d65b6f4d16d419789c1\"\u003e\u003ccode\u003ea60ef21\u003c/code\u003e\u003c/a\u003e update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/4ad512f16553ff1c022684cc96be0329a7618db8\"\u003e\u003ccode\u003e4ad512f\u003c/code\u003e\u003c/a\u003e Merge branch 'rc-21' into feat/container-workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/6b41a3923518db2abe77790e47793760b5c47c28\"\u003e\u003ccode\u003e6b41a39\u003c/code\u003e\u003c/a\u003e fixed test case\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/fa70c45ca9a73bcef023a3e6afac49ffa3007480\"\u003e\u003ccode\u003efa70c45\u003c/code\u003e\u003c/a\u003e update agent\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/eb47845632e48a7532e7e363ba78b9bc48c09264\"\u003e\u003ccode\u003eeb47845\u003c/code\u003e\u003c/a\u003e self-hosted: refactored block-policy apply logic\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/step-security/harden-runner/compare/0634a2670c59f64b4a01f0f96f84700a4088b9f0...002fdce3c6a235733a90a27c80493a3241e56863\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=step-security/harden-runner\u0026package-manager=github_actions\u0026previous-version=2.12.0\u0026new-version=2.12.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/Stirling-Tools/Stirling-PDF/pull/3728","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Stirling-Tools%2FStirling-PDF/issues/3728","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/3728/packages"}},{"old_version":"2.12.0","new_version":"2.12.1","update_type":"patch","path":null,"pr_created_at":"2025-06-11T17:33:10.000Z","version_change":"2.12.0 → 2.12.1","issue":{"uuid":"3137616282","node_id":"PR_kwDONo6NUs6aE3c_","number":181,"state":"open","title":"Bump step-security/harden-runner from 2.12.0 to 2.12.1","user":"dependabot[bot]","labels":["Docker","Github","Security","API","Test","Bump"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-06-11T17:33:10.000Z","updated_at":"2025-06-21T19:06:22.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"step-security/harden-runner","old_version":"2.12.0","new_version":"2.12.1","repository_url":"https://github.com/step-security/harden-runner"}],"path":null,"ecosystem":"docker"},"body":"Bumps 
[step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.12.0 to 2.12.1.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/step-security/harden-runner/releases\"\u003estep-security/harden-runner's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.12.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDetection capabilities have been upgraded to better recognize attempts at runner tampering. These improvements are informed by real-world incident learnings, including analysis of anomalous behaviors observed in the tj-actions and reviewdog supply chain attack.\u003c/li\u003e\n\u003cli\u003eResolved an issue where the block policy was not enforced correctly when the GitHub Actions job was running inside a container on a self-hosted VM runner.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/step-security/harden-runner/compare/v2...v2.12.1\"\u003ehttps://github.com/step-security/harden-runner/compare/v2...v2.12.1\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/002fdce3c6a235733a90a27c80493a3241e56863\"\u003e\u003ccode\u003e002fdce\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/544\"\u003e#544\u003c/a\u003e from step-security/rc-21\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/2489e3fcb3d00eac3cb27c9b490431a4d26eac58\"\u003e\u003ccode\u003e2489e3f\u003c/code\u003e\u003c/a\u003e Merge branch 'main' into rc-21\u003c/li\u003e\n\u003cli\u003e\u003ca 
href=\"https://github.com/step-security/harden-runner/commit/75dd441a816c3c7ea21313ec8ff21d9f7b69f534\"\u003e\u003ccode\u003e75dd441\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/555\"\u003e#555\u003c/a\u003e from step-security/dependabot/github_actions/step-sec...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/4381ace9c4db180c9cc8ff9a6dd4220f17a95690\"\u003e\u003ccode\u003e4381ace\u003c/code\u003e\u003c/a\u003e Bump step-security/publish-unit-test-result-action from 2.19.0 to 2.20.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/a9da90b635b492e68edb2a24949fcab1e313e9eb\"\u003e\u003ccode\u003ea9da90b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/553\"\u003e#553\u003c/a\u003e from h0x0er/feat/container-workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/a60ef21c0c1f49c7ac6c8d65b6f4d16d419789c1\"\u003e\u003ccode\u003ea60ef21\u003c/code\u003e\u003c/a\u003e update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/4ad512f16553ff1c022684cc96be0329a7618db8\"\u003e\u003ccode\u003e4ad512f\u003c/code\u003e\u003c/a\u003e Merge branch 'rc-21' into feat/container-workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/6b41a3923518db2abe77790e47793760b5c47c28\"\u003e\u003ccode\u003e6b41a39\u003c/code\u003e\u003c/a\u003e fixed test case\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/fa70c45ca9a73bcef023a3e6afac49ffa3007480\"\u003e\u003ccode\u003efa70c45\u003c/code\u003e\u003c/a\u003e update agent\u003c/li\u003e\n\u003cli\u003e\u003ca 
href=\"https://github.com/step-security/harden-runner/commit/eb47845632e48a7532e7e363ba78b9bc48c09264\"\u003e\u003ccode\u003eeb47845\u003c/code\u003e\u003c/a\u003e self-hosted: refactored block-policy apply logic\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/step-security/harden-runner/compare/0634a2670c59f64b4a01f0f96f84700a4088b9f0...002fdce3c6a235733a90a27c80493a3241e56863\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=step-security/harden-runner\u0026package-manager=github_actions\u0026previous-version=2.12.0\u0026new-version=2.12.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/Ludy87/test_java/pull/181","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Ludy87%2Ftest_java/issues/181","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/181/packages"}},{"old_version":"2.10.3","new_version":"2.10.4","update_type":"patch","path":null,"pr_created_at":"2025-01-20T18:48:00.000Z","version_change":"2.10.3 → 2.10.4","issue":{"uuid":"2800098036","node_id":"PR_kwDONo6NUs6IZpVC","number":78,"state":"closed","title":"Bump step-security/harden-runner from 2.10.3 to 2.10.4","user":"dependabot[bot]","labels":["Docker","github-actions","Github","Security","API","Test"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2025-01-20T19:08:14.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-01-20T18:48:00.000Z","updated_at":"2025-05-25T08:55:46.000Z","time_to_close":1214,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"step-security/harden-runner","old_version":"2.10.3","new_version":"2.10.4","repository_url":"https://github.com/step-security/harden-runner"}],"path":null,"ecosystem":"docker"},"body":"[//]: # (dependabot-start)\n⚠️  **Dependabot is 
rebasing this PR** ⚠️ \n\nRebasing might not happen immediately, so don't worry if this takes some time.\n\nNote: if you make any changes to this PR yourself, they will take precedence over the rebase.\n\n---\n\n[//]: # (dependabot-end)\n\nBumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.10.3 to 2.10.4.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/step-security/harden-runner/releases\"\u003estep-security/harden-runner's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.10.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eFixed a potential Harden-Runner post step failure that could occur when printing agent service logs. The fix gracefully handles failures without failing the post step.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/step-security/harden-runner/compare/v2...v2.10.4\"\u003ehttps://github.com/step-security/harden-runner/compare/v2...v2.10.4\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/cb605e52c26070c328afc4562f0b4ada7618a84e\"\u003e\u003ccode\u003ecb605e5\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/496\"\u003e#496\u003c/a\u003e from step-security/fix-enobufs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/61144dda3ba7a45a4e879e99c548ff785b492364\"\u003e\u003ccode\u003e61144dd\u003c/code\u003e\u003c/a\u003e Update log statement\u003c/li\u003e\n\u003cli\u003e\u003ca 
href=\"https://github.com/step-security/harden-runner/commit/b8be370ff4fa3a7b5d97afe5cbb1921a734fffcc\"\u003e\u003ccode\u003eb8be370\u003c/code\u003e\u003c/a\u003e Add try catch block\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/6f6fa07e47155133e69ca8a751aad4ff01a292b1\"\u003e\u003ccode\u003e6f6fa07\u003c/code\u003e\u003c/a\u003e Fix ENOBUFS issue\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/18f6947f131da60743dc12d2a22ff28c2b4ea87f\"\u003e\u003ccode\u003e18f6947\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/step-security/harden-runner/issues/495\"\u003e#495\u003c/a\u003e from AkhigbeEromo/Update-README\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/81f844e74365cf557ddf3715c247f745a115a5b2\"\u003e\u003ccode\u003e81f844e\u003c/code\u003e\u003c/a\u003e Edit docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/4c766de2db7a0b0a47e5728947c16e113c64f377\"\u003e\u003ccode\u003e4c766de\u003c/code\u003e\u003c/a\u003e Merge branch 'Update-README' of \u003ca href=\"https://github.com/AkhigbeEromo/harden-runner\"\u003ehttps://github.com/AkhigbeEromo/harden-runner\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/c9c5f3273c74d0365949a3aa120e85977f51d1ef\"\u003e\u003ccode\u003ec9c5f32\u003c/code\u003e\u003c/a\u003e Handle Ashish reviews\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/step-security/harden-runner/commit/2877824267faf8efc084b00de71c0fe737ff0a76\"\u003e\u003ccode\u003e2877824\u003c/code\u003e\u003c/a\u003e Merge branch 'main' into Update-README\u003c/li\u003e\n\u003cli\u003e\u003ca 
href=\"https://github.com/step-security/harden-runner/commit/be87de076dd7a9aa9a9220dc9488dea2f8775db0\"\u003e\u003ccode\u003ebe87de0\u003c/code\u003e\u003c/a\u003e Clean up\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/step-security/harden-runner/compare/c95a14d0e5bab51a9f56296a4eb0e416910cd350...cb605e52c26070c328afc4562f0b4ada7618a84e\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=step-security/harden-runner\u0026package-manager=github_actions\u0026previous-version=2.10.3\u0026new-version=2.10.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/Ludy87/test_java/pull/78","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Ludy87%2Ftest_java/issues/78","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/78/packages"}}]}