From aebf2ec96ff4e1d30da3601fc9fffda57c4dcdf6 Mon Sep 17 00:00:00 2001 From: Ihar Hrachyshka Date: Wed, 18 Jun 2025 22:41:15 +0000 Subject: [PATCH] ci: Remove harden-runner steps from jobs No one looks at results; the value of it is unknown to anyone I asked. Signed-off-by: Ihar Hrachyshka --- .github/workflows/actionlint.yml | 5 ----- .github/workflows/docs.yml | 4 ---- .github/workflows/lint.yml | 5 ----- .github/workflows/pypi.yaml | 15 --------------- .github/workflows/test.yml | 5 ----- 5 files changed, 34 deletions(-) diff --git a/.github/workflows/actionlint.yml b/.github/workflows/actionlint.yml index df1a2f0..e7b8ff2 100644 --- a/.github/workflows/actionlint.yml +++ b/.github/workflows/actionlint.yml @@ -29,11 +29,6 @@ jobs: actionlint: runs-on: ubuntu-latest steps: - - name: "Harden Runner" - uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1 - with: - egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - - name: "Checkout" uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml index 5bf7c6b..a62b38d 100644 --- a/.github/workflows/docs.yml +++ b/.github/workflows/docs.yml @@ -32,10 +32,6 @@ jobs: markdown-lint: runs-on: ubuntu-latest steps: - - name: "Harden Runner" - uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1 - with: - egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: "Checkout" uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 384c0dc..72e3528 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -59,11 +59,6 @@ jobs: commands: | tox -e mypy steps: - - name: "Harden Runner" - uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1 - with: - egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - - name: "Checkout" uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: diff --git a/.github/workflows/pypi.yaml b/.github/workflows/pypi.yaml index a076ee9..903073e 100644 --- a/.github/workflows/pypi.yaml +++ b/.github/workflows/pypi.yaml @@ -36,11 +36,6 @@ jobs: name: Build and check packages runs-on: ubuntu-latest steps: - - name: "Harden Runner" - uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1 - with: - egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - - name: "Checkout" uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: @@ -65,11 +60,6 @@ jobs: needs: build-package steps: - - name: "Harden Runner" - uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1 - with: - egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - - name: "Download build artifacts" uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0 with: @@ -97,11 +87,6 @@ jobs: needs: build-package steps: - - name: "Harden Runner" - uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1 - with: - egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - - name: "Download build artifacts" uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0 with: diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 2989187..7fed552 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -54,11 +54,6 @@ jobs: - python: "3.11" platform: "macos-latest" steps: - - name: "Harden Runner" - uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1 - with: - egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - - name: Checkout uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: