Skip to content

Bump the github-actions group across 1 directory with 7 updates#221

Merged
steve-downey merged 1 commit into
mainfrom
dependabot/github_actions/github-actions-169dd1f415
May 12, 2026
Merged

Bump the github-actions group across 1 directory with 7 updates#221
steve-downey merged 1 commit into
mainfrom
dependabot/github_actions/github-actions-169dd1f415

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 4, 2026
edited
Loading

Bumps the github-actions group with 7 updates in the / directory:

Package From To
bemanproject/infra-workflows/.github/workflows/reusable-beman-submodule-check.yml 1.7.1 1.7.2
bemanproject/infra-workflows/.github/workflows/reusable-beman-preset-test.yml 1.7.1 1.7.2
bemanproject/infra-workflows/.github/workflows/reusable-beman-build-and-test.yml 1.7.1 1.7.2
bemanproject/infra-workflows/.github/workflows/reusable-beman-create-issue-when-fault.yml 1.7.1 1.7.2
step-security/harden-runner 2.19.0 2.19.1
bemanproject/infra-workflows/.github/workflows/reusable-beman-pre-commit.yml 1.7.1 1.7.2
bemanproject/infra-workflows/.github/workflows/reusable-beman-update-pre-commit.yml 1.7.1 1.7.2

Updates bemanproject/infra-workflows/.github/workflows/reusable-beman-submodule-check.yml from 1.7.1 to 1.7.2

Commits

Updates bemanproject/infra-workflows/.github/workflows/reusable-beman-preset-test.yml from 1.7.1 to 1.7.2

Commits

Updates bemanproject/infra-workflows/.github/workflows/reusable-beman-build-and-test.yml from 1.7.1 to 1.7.2

Commits

Updates bemanproject/infra-workflows/.github/workflows/reusable-beman-create-issue-when-fault.yml from 1.7.1 to 1.7.2

Commits

Updates step-security/harden-runner from 2.19.0 to 2.19.1

Release notes

Sourced from step-security/harden-runner's releases.

v2.19.1

What's Changed

What the fix changes

  • Harden-Runner will detect ubuntu-slim runners and exit cleanly with an informational log message, instead of post harden runner step failing on chown: invalid user: 'undefined'.

What the fix does not do

  • Jobs running on ubuntu-slim will not be monitored by Harden-Runner. The agent relies on kernel-level features (that require elevated capabilities).
  • Per GitHub's docs on single-CPU runners: "The container for ubuntu-slim runners runs in unprivileged mode. This means that some operations requiring elevated privileges such as mounting file systems, using Docker-in-Docker, or accessing low-level kernel features are not supported." Those low-level kernel features are what the agent needs, so monitoring inside the unprivileged container is not feasible today.

For StepSecurity enterprise customers If your security posture requires that workflows are always monitored, you can block the use of ubuntu-slim via workflow run policies see the Runner Label Policy docs. This lets you enforce that jobs only run on monitored runner types.

New Contributors

Full Changelog: step-security/harden-runner@v2.19.0...v2.19.1

Commits
  • a5ad31d Merge pull request #657 from devantler/fix/ubuntu-slim-user-env
  • 6e92856 build dist and trim ubuntu-slim message
  • 4e0504e Merge branch 'main' into fix/ubuntu-slim-user-env
  • 376d25a fix: detect ubuntu-slim runners early and bail out
  • See full diff in compare view

Updates bemanproject/infra-workflows/.github/workflows/reusable-beman-pre-commit.yml from 1.7.1 to 1.7.2

Commits

Updates bemanproject/infra-workflows/.github/workflows/reusable-beman-update-pre-commit.yml from 1.7.1 to 1.7.2

Commits

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels May 4, 2026
@steve-downey
Copy link
Copy Markdown
Member

steve-downey commented May 12, 2026

@dependabot rebase

@dependabot
Bump the github-actions group across 1 directory with 7 updates
a84a776 
Bumps the github-actions group with 7 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [bemanproject/infra-workflows/.github/workflows/reusable-beman-submodule-check.yml](https://github.com/bemanproject/infra-workflows) | `1.7.1` | `1.7.2` |
| [bemanproject/infra-workflows/.github/workflows/reusable-beman-preset-test.yml](https://github.com/bemanproject/infra-workflows) | `1.7.1` | `1.7.2` |
| [bemanproject/infra-workflows/.github/workflows/reusable-beman-build-and-test.yml](https://github.com/bemanproject/infra-workflows) | `1.7.1` | `1.7.2` |
| [bemanproject/infra-workflows/.github/workflows/reusable-beman-create-issue-when-fault.yml](https://github.com/bemanproject/infra-workflows) | `1.7.1` | `1.7.2` |
| [step-security/harden-runner](https://github.com/step-security/harden-runner) | `2.19.0` | `2.19.1` |
| [bemanproject/infra-workflows/.github/workflows/reusable-beman-pre-commit.yml](https://github.com/bemanproject/infra-workflows) | `1.7.1` | `1.7.2` |
| [bemanproject/infra-workflows/.github/workflows/reusable-beman-update-pre-commit.yml](https://github.com/bemanproject/infra-workflows) | `1.7.1` | `1.7.2` |



Updates `bemanproject/infra-workflows/.github/workflows/reusable-beman-submodule-check.yml` from 1.7.1 to 1.7.2
- [Commits](bemanproject/infra-workflows@4d946e2...b83fb68)

Updates `bemanproject/infra-workflows/.github/workflows/reusable-beman-preset-test.yml` from 1.7.1 to 1.7.2
- [Commits](bemanproject/infra-workflows@4d946e2...b83fb68)

Updates `bemanproject/infra-workflows/.github/workflows/reusable-beman-build-and-test.yml` from 1.7.1 to 1.7.2
- [Commits](bemanproject/infra-workflows@4d946e2...b83fb68)

Updates `bemanproject/infra-workflows/.github/workflows/reusable-beman-create-issue-when-fault.yml` from 1.7.1 to 1.7.2
- [Commits](bemanproject/infra-workflows@4d946e2...b83fb68)

Updates `step-security/harden-runner` from 2.19.0 to 2.19.1
- [Release notes](https://github.com/step-security/harden-runner/releases)
- [Commits](step-security/harden-runner@v2.19.0...a5ad31d)

Updates `bemanproject/infra-workflows/.github/workflows/reusable-beman-pre-commit.yml` from 1.7.1 to 1.7.2
- [Commits](bemanproject/infra-workflows@4d946e2...b83fb68)

Updates `bemanproject/infra-workflows/.github/workflows/reusable-beman-update-pre-commit.yml` from 1.7.1 to 1.7.2
- [Commits](bemanproject/infra-workflows@4d946e2...b83fb68)

---
updated-dependencies:
- dependency-name: bemanproject/infra-workflows/.github/workflows/reusable-beman-build-and-test.yml
  dependency-version: 1.7.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: bemanproject/infra-workflows/.github/workflows/reusable-beman-create-issue-when-fault.yml
  dependency-version: 1.7.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: bemanproject/infra-workflows/.github/workflows/reusable-beman-pre-commit.yml
  dependency-version: 1.7.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: bemanproject/infra-workflows/.github/workflows/reusable-beman-preset-test.yml
  dependency-version: 1.7.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: bemanproject/infra-workflows/.github/workflows/reusable-beman-submodule-check.yml
  dependency-version: 1.7.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: bemanproject/infra-workflows/.github/workflows/reusable-beman-update-pre-commit.yml
  dependency-version: 1.7.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: step-security/harden-runner
  dependency-version: 2.19.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot changed the title Bump the github-actions group with 7 updates Bump the github-actions group across 1 directory with 7 updates May 12, 2026
@dependabot dependabot Bot force-pushed the dependabot/github_actions/github-actions-169dd1f415 branch from 06dde68 to a84a776 Compare May 12, 2026 02:42
@steve-downey steve-downey merged commit cc36c66 into main May 12, 2026
81 checks passed
@steve-downey steve-downey deleted the dependabot/github_actions/github-actions-169dd1f415 branch May 12, 2026 17:05
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@steve-downey steve-downey steve-downey approved these changes

@neatudarius neatudarius Awaiting requested review from neatudarius neatudarius is a code owner

@camio camio Awaiting requested review from camio camio is a code owner

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@steve-downey