chore(deps): bump step-security/harden-runner from 2.14.2 to 2.20.0#131
Conversation
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.14.2 to 2.20.0. - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](step-security/harden-runner@5ef0c07...bf7454d) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-version: 2.20.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
There was a problem hiding this comment.
Pull request overview
OpenCode model providers were unavailable for this same-head run, but deterministic current-head evidence is clean: coverage evidence passed, peer GitHub Checks are complete, medium-or-higher code-scanning alerts are clear, mergeability is clean, and reviewer threads are resolved or outdated.
Findings
No blocking findings.
Evidence
- Result: APPROVE
- Reason: current-head model-unavailable evidence fallback; coverage, docstring, peer GitHub Checks, code-scanning alerts, mergeability, and review threads were clear for current head.
- Scope:
unsupported - Changed files:
0 - Model-pool outcome:
exhausted - Head SHA:
77dd802c3792c3563a9a1b42ae840c40bd7cd09e - Workflow run: 29203151675
- Workflow attempt: 1
This fallback does not suppress failed checks, medium-or-higher code-scanning alerts, merge conflicts, unresolved reviewer threads, or failed coverage evidence; any of those conditions still publish REQUEST_CHANGES or leave the approval state unchanged.
…rden-runner-2.20.0
There was a problem hiding this comment.
Pull request overview
OpenCode model providers were unavailable for this same-head run, but deterministic current-head evidence is clean: coverage evidence passed, peer GitHub Checks are complete, medium-or-higher code-scanning alerts are clear, mergeability is clean, and reviewer threads are resolved or outdated.
Findings
No blocking findings.
Evidence
- Result: APPROVE
- Reason: current-head model-unavailable evidence fallback; coverage, docstring, peer GitHub Checks, code-scanning alerts, mergeability, and review threads were clear for current head.
- Scope:
unsupported - Changed files:
0 - Model-pool outcome:
exhausted - Head SHA:
75aa9eec8db7f9c43cfa0968f9a181b97d2181f2 - Workflow run: 29212935316
- Workflow attempt: 1
This fallback does not suppress failed checks, medium-or-higher code-scanning alerts, merge conflicts, unresolved reviewer threads, or failed coverage evidence; any of those conditions still publish REQUEST_CHANGES or leave the approval state unchanged.
…rden-runner-2.20.0
There was a problem hiding this comment.
Pull request overview
OpenCode model providers were unavailable for this same-head run, but deterministic current-head evidence is clean: coverage evidence passed, peer GitHub Checks are complete, medium-or-higher code-scanning alerts are clear, mergeability is clean, and reviewer threads are resolved or outdated.
Findings
No blocking findings.
Evidence
- Result: APPROVE
- Reason: current-head model-unavailable evidence fallback; coverage, docstring, peer GitHub Checks, code-scanning alerts, mergeability, and review threads were clear for current head.
- Scope:
unsupported - Changed files:
0 - Model-pool outcome:
exhausted - Head SHA:
9f42177df7f4251153f52286794436757056cb2b - Workflow run: 29213830299
- Workflow attempt: 1
This fallback does not suppress failed checks, medium-or-higher code-scanning alerts, merge conflicts, unresolved reviewer threads, or failed coverage evidence; any of those conditions still publish REQUEST_CHANGES or leave the approval state unchanged.
Bumps step-security/harden-runner from 2.14.2 to 2.20.0.
Release notes
Sourced from step-security/harden-runner's releases.
... (truncated)
Commits
bf7454dMerge pull request #673 from step-security/fix/aggregate-error-startup-hang1188420Update non-TLS agent to v0.16.2162cfeaUpdate non-TLS agent to v0.16.1eb9e1f4Bring macOS runner updates from PR 6741a10b01Update Windows agent to v1.0.78b4a105Apply npm audit fixes with release-age cooldown3626e03Default TLS status check failures to enabled100e08bUpdate agent-ebpf to v1.8.12774f75fUpdate agent to v1.8.9f312657Extend missing-agent-dir guard to Linux and macOS cleanup pathsDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)