Update Harden Runner step in node workflows

2024-11-22 20:01:06 +07:00 · 2021-12-07 21:26:23 +05:30 · 2021-12-07 21:26:23 +05:30 · cecf84878d
commit cecf84878d
parent be75d5e01d
2 changed files with 7 additions and 4 deletions
--- a/.github/workflows/node-release.yml
+++ b/.github/workflows/node-release.yml
@ -18,7 +18,12 @@ jobs:
      packages: write
    steps:
      - name: Harden Runner
-        uses: step-security/harden-runner@main
+        uses: step-security/harden-runner@v1
+        with:
+          allowed-endpoints:
+            github.com:443
+            npm.pkg.github.com:443
+            registry.npmjs.org:443

      - name: Checkout release
        if: github.event_name != 'workflow_dispatch'
--- a/.github/workflows/node-workflow.yml
+++ b/.github/workflows/node-workflow.yml
@ -26,11 +26,9 @@ jobs:
        operating-system: [ubuntu-latest, windows-latest, macos-latest]
    steps:
      - name: Harden Runner
-        if: runner.os == 'Linux'
-        uses: step-security/harden-runner@main
+        uses: step-security/harden-runner@v1
        with:
          allowed-endpoints:
-            beta.api.stepsecurity.io.:443
            codecov.io.:443
            github.com.:443
            nodejs.org.:443