Skip to content

chore(deps): bump step-security/harden-runner from 2.13.1 to 2.13.3#1725

Open
dependabot[bot] wants to merge 1 commit into
release-v0.26.xfrom
dependabot/github_actions/release-v0.26.x/step-security/harden-runner-2.13.3
Open

chore(deps): bump step-security/harden-runner from 2.13.1 to 2.13.3#1725
dependabot[bot] wants to merge 1 commit into
release-v0.26.xfrom
dependabot/github_actions/release-v0.26.x/step-security/harden-runner-2.13.3

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 23, 2026
edited
Loading

Copy link
Copy Markdown
Contributor

Bumps step-security/harden-runner from 2.13.1 to 2.13.3.

Release notes

Sourced from step-security/harden-runner's releases.

v2.13.3

What's Changed

  • Fixed an issue where process events were not uploaded in certain edge cases.

Full Changelog: step-security/harden-runner@v2.13.2...v2.13.3

v2.13.2

What's Changed

  • Fixed an issue where there was a limit of 512 allowed endpoints when using block egress policy. This restriction has been removed, allowing for an unlimited number of endpoints to be configured.
  • Harden Runner now automatically detects if the agent is already pre-installed on a custom VM image used by a GitHub-hosted runner. When detected, the action will skip reinstallation and use the existing agent.

Full Changelog: step-security/harden-runner@v2.13.1...v2.13.2

Commits

@dependabot dependabot Bot added dependencies Used by dependabot - identifies all PRs created by dependabot kind/misc Categorizes issue or PR as a miscellaneuous one. ok-to-test Indicates a non-member PR verified by an org member that is safe to test. release-note-none Denotes a PR that doesnt merit a release note. labels Jun 23, 2026
@tekton-robot tekton-robot requested review from jkhelil and wlynch June 23, 2026 07:38
@tekton-robot tekton-robot added the size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. label Jun 23, 2026
@anithapriyanatarajan

anithapriyanatarajan commented Jun 23, 2026

Copy link
Copy Markdown
Contributor

/lgtm

@tekton-robot tekton-robot added the lgtm Indicates that a PR is ready to be merged. label Jun 23, 2026
@anithapriyanatarajan

anithapriyanatarajan commented Jun 23, 2026

Copy link
Copy Markdown
Contributor

/approve

@tekton-robot

tekton-robot commented Jun 23, 2026

Copy link
Copy Markdown

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: anithapriyanatarajan
To complete the pull request process, please assign wlynch after the PR has been reviewed.
You can assign the PR to them by writing /assign @wlynch in a comment when ready.

The full list of commands accepted by this bot can be found here.

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@jkhelil

jkhelil commented Jun 24, 2026

Copy link
Copy Markdown
Member

@dependabot rebase

@dependabot
chore(deps): bump step-security/harden-runner from 2.13.1 to 2.13.3
ebc68dd 
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.13.1 to 2.13.3.
- [Release notes](https://github.com/step-security/harden-runner/releases)
- [Commits](step-security/harden-runner@f4a75cf...df199fb)

---
updated-dependencies:
- dependency-name: step-security/harden-runner
  dependency-version: 2.13.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/github_actions/release-v0.26.x/step-security/harden-runner-2.13.3 branch from b03f771 to ebc68dd Compare June 24, 2026 04:06
@tekton-robot tekton-robot removed the lgtm Indicates that a PR is ready to be merged. label Jun 24, 2026
@tekton-robot

tekton-robot commented Jun 24, 2026

Copy link
Copy Markdown

New changes are detected. LGTM label has been removed.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jkhelil jkhelil Awaiting requested review from jkhelil

@wlynch wlynch Awaiting requested review from wlynch

At least 1 approving review is required to merge this pull request.

Assignees

@anithapriyanatarajan anithapriyanatarajan

Labels

dependencies Used by dependabot - identifies all PRs created by dependabot kind/misc Categorizes issue or PR as a miscellaneuous one. ok-to-test Indicates a non-member PR verified by an org member that is safe to test. release-note-none Denotes a PR that doesnt merit a release note. size/XS Denotes a PR that changes 0-9 lines, ignoring generated files.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@anithapriyanatarajan @tekton-robot @jkhelil