Skip to content

[StepSecurity] Apply security best practices#516

Open
stepsecurity-app[bot] wants to merge 2 commits into
masterfrom
chore/GHA-111634-stepsecurity-remediation
Open

[StepSecurity] Apply security best practices#516
stepsecurity-app[bot] wants to merge 2 commits into
masterfrom
chore/GHA-111634-stepsecurity-remediation

Conversation

@stepsecurity-app

Copy link
Copy Markdown

Summary

This pull request has been generated by StepSecurity as part of your enterprise subscription to ensure compliance with recommended security best practices. Please review and merge the pull request to apply these security enhancements.

Security Fixes

Harden Runner

Harden-Runner is an open-source security agent for the GitHub-hosted runner to prevent software supply chain attacks. It prevents exfiltration of credentials, detects tampering of source code during build, and enables running jobs without sudo access.

Feedback

For bug reports, feature requests, and general feedback; please create an issue in step-security/secure-repo or contact us via our website.

Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>
@fraxken

fraxken commented Jul 14, 2026

Copy link
Copy Markdown
Member

@copilot resolve the merge conflicts in this pull request

Copilot AI commented Jul 14, 2026

Copy link
Copy Markdown
Contributor

@copilot resolve the merge conflicts in this pull request

Resolved. The merge conflict in .github/workflows/publish.yml was between the harden-runner step added by this PR and the updated actions/checkout@v7.0.0 from master. The resolution keeps both: the harden-runner security hardening from this PR and the updated action versions from master (commit 8080d4e).

Copilot AI requested a review from fraxken July 14, 2026 11:01
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants