[StepSecurity] Apply security best practices (#4539)

Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>
2026-06-27 22:34:27 +00:00 · 2024-12-15 09:31:21 -08:00
parent 6a2ae22a5a
commit 4003f8da02
13 changed files with 374 additions and 57 deletions
@@ -15,6 +15,11 @@ jobs:
    runs-on: ubuntu-latest

    steps:
-      - uses: srvaroa/labeler@master
+      - name: Harden Runner
+        uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
+        with:
+          egress-policy: audit
+
+      - uses: srvaroa/labeler@1b3cdb1af3e59155a08b9b2436d0d54feaff49e2 # master
        env:
          GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"