From e3f31592eebef0d1e35083f86148779aeb952c93 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 24 Sep 2024 19:13:20 +0200
Subject: [PATCH] Bump the actions group across 1 directory with 3 updates
 (#1818)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Bumps the actions group with 3 updates in the / directory:
[step-security/harden-runner](https://github.com/step-security/harden-runner),
[actions/setup-node](https://github.com/actions/setup-node) and
[peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request).

Updates `step-security/harden-runner` from 2.9.1 to 2.10.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's
releases</a>.</em></p>
<blockquote>
<h2>v2.10.1</h2>
<h2>What's Changed</h2>
<p>Release v2.10.1 by <a
href="https://github.com/varunsh-coder"><code>@​varunsh-coder</code></a>
in <a
href="https://redirect.github.com/step-security/harden-runner/pull/463">step-security/harden-runner#463</a>
Bug fix: Resolves an issue where DNS resolution of .local domains was
failing when using a Kind cluster in a GitHub Actions workflow.</p>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/step-security/harden-runner/compare/v2...v2.10.1">https://github.com/step-security/harden-runner/compare/v2...v2.10.1</a></p>
<h2>v2.10.0</h2>
<h2>What's Changed</h2>
<p>Release v2.10.0 by <a
href="https://github.com/h0x0er"><code>@​h0x0er</code></a> and <a
href="https://github.com/varunsh-coder"><code>@​varunsh-coder</code></a>
in <a
href="https://redirect.github.com/step-security/harden-runner/pull/455">step-security/harden-runner#455</a></p>
<p><strong>ARM Support</strong>: Harden-Runner Enterprise tier now
supports GitHub-hosted ARM runners. This includes all the features that
apply to previously supported GitHub-hosted x64 Linux runners.</p>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/step-security/harden-runner/compare/v2...v2.10.0">https://github.com/step-security/harden-runner/compare/v2...v2.10.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/step-security/harden-runner/commit/91182cccc01eb5e619899d80e4e971d6181294a7"><code>91182cc</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/463">#463</a>
from step-security/rc-14</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/59ec1c63417a5941b4c199e9e522f0756d2ab11b"><code>59ec1c6</code></a>
Update agent</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/1d2370362ea3d554c02ef9fa23b17f4a84d7949b"><code>1d23703</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/461">#461</a>
from step-security/varunsh-coder-patch-1</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/b03bddaa058e19a340af7befb2de4ddd76e4a7d7"><code>b03bdda</code></a>
Update README.md</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/3d8dd68e5758262d38de5cca3cbdc85addbbc28d"><code>3d8dd68</code></a>
Update README.md</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/446798f8213ac2e75931c1b0769676d927801858"><code>446798f</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/455">#455</a>
from step-security/rc-12</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/f0d3b1eb1ba908b9f69f8af7b0ab2ab59e2bfc1c"><code>f0d3b1e</code></a>
Update agent</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/b7880a2f96f65eea5c1b21cd4cef1a91b6c32471"><code>b7880a2</code></a>
update dist</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/dade49eade63e2277d55bb16749465b195246a6f"><code>dade49e</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/456">#456</a>
from h0x0er/arm-support</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/d6248bed80ff04443fd77c64092e77520ceed2c9"><code>d6248be</code></a>
bump enterprise agent version</li>
<li>Additional commits viewable in <a
href="https://github.com/step-security/harden-runner/compare/5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde...91182cccc01eb5e619899d80e4e971d6181294a7">compare
view</a></li>
</ul>
</details>
<br />

Updates `actions/setup-node` from 4.0.3 to 4.0.4
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/setup-node/releases">actions/setup-node's
releases</a>.</em></p>
<blockquote>
<h2>v4.0.4</h2>
<h2>What's Changed</h2>
<ul>
<li>Add workflow file for publishing releases to immutable action
package by <a
href="https://github.com/Jcambass"><code>@​Jcambass</code></a> in <a
href="https://redirect.github.com/actions/setup-node/pull/1125">actions/setup-node#1125</a></li>
<li>Enhance Windows ARM64 Setup and Update micromatch Dependency by <a
href="https://github.com/priyagupta108"><code>@​priyagupta108</code></a>
in <a
href="https://redirect.github.com/actions/setup-node/pull/1126">actions/setup-node#1126</a></li>
</ul>
<h3>Documentation changes:</h3>
<ul>
<li>Documentation update in the README file by <a
href="https://github.com/suyashgaonkar"><code>@​suyashgaonkar</code></a>
in <a
href="https://redirect.github.com/actions/setup-node/pull/1106">actions/setup-node#1106</a></li>
<li>Correct invalid 'lts' version string reference by <a
href="https://github.com/fulldecent"><code>@​fulldecent</code></a> in <a
href="https://redirect.github.com/actions/setup-node/pull/1124">actions/setup-node#1124</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/suyashgaonkar"><code>@​suyashgaonkar</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/setup-node/pull/1106">actions/setup-node#1106</a></li>
<li><a
href="https://github.com/priyagupta108"><code>@​priyagupta108</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/setup-node/pull/1126">actions/setup-node#1126</a></li>
<li><a href="https://github.com/Jcambass"><code>@​Jcambass</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/setup-node/pull/1125">actions/setup-node#1125</a></li>
<li><a
href="https://github.com/fulldecent"><code>@​fulldecent</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/setup-node/pull/1124">actions/setup-node#1124</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/setup-node/compare/v4...v4.0.4">https://github.com/actions/setup-node/compare/v4...v4.0.4</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/setup-node/commit/0a44ba7841725637a19e28fa30b79a866c81b0a6"><code>0a44ba7</code></a>
Correct version string (<a
href="https://redirect.github.com/actions/setup-node/issues/1124">#1124</a>)</li>
<li><a
href="https://github.com/actions/setup-node/commit/97ca147735c170fb35096b39ef17a0fc5d9270ac"><code>97ca147</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/setup-node/issues/1125">#1125</a>
from actions/add-is-release-workflow</li>
<li><a
href="https://github.com/actions/setup-node/commit/aa363ded8fefb1e43b7a6cb669a222a98c09eb57"><code>aa363de</code></a>
Create publish-immutable-action.yml</li>
<li><a
href="https://github.com/actions/setup-node/commit/1c7b2db92075f828bee89d7e19d33a911d15e7b3"><code>1c7b2db</code></a>
Fix: windows arm64 setup (<a
href="https://redirect.github.com/actions/setup-node/issues/1126">#1126</a>)</li>
<li><a
href="https://github.com/actions/setup-node/commit/26961cf329f22f6837d5f54c3efd76b480300ace"><code>26961cf</code></a>
Documentation update in the README file (<a
href="https://redirect.github.com/actions/setup-node/issues/1106">#1106</a>)</li>
<li>See full diff in <a
href="https://github.com/actions/setup-node/compare/1e60f620b9541d16bece96c5465dc8ee9832be0b...0a44ba7841725637a19e28fa30b79a866c81b0a6">compare
view</a></li>
</ul>
</details>
<br />

Updates `peter-evans/create-pull-request` from 7.0.1 to 7.0.5
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/peter-evans/create-pull-request/releases">peter-evans/create-pull-request's
releases</a>.</em></p>
<blockquote>
<h2>Create Pull Request v7.0.5</h2>
<p>⚙️ Fixes an issue with commit signing to allow it to support
symlinks</p>
<h2>What's Changed</h2>
<ul>
<li>fix: support symlinks when commit signing by <a
href="https://github.com/peter-evans"><code>@​peter-evans</code></a> in
<a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3359">peter-evans/create-pull-request#3359</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/peter-evans/create-pull-request/compare/v7.0.4...v7.0.5">https://github.com/peter-evans/create-pull-request/compare/v7.0.4...v7.0.5</a></p>
<h2>Create Pull Request v7.0.4</h2>
<p>⚙️ Fixes an issue with commit signing to allow it to support
submodules</p>
<h2>What's Changed</h2>
<ul>
<li>docs: correct suggestion for bot setup by <a
href="https://github.com/henryiii"><code>@​henryiii</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3342">peter-evans/create-pull-request#3342</a></li>
<li>build(deps-dev): bump <code>@​types/jest</code> from 29.5.12 to
29.5.13 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3343">peter-evans/create-pull-request#3343</a></li>
<li>build(deps-dev): bump eslint from 8.57.0 to 8.57.1 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3344">peter-evans/create-pull-request#3344</a></li>
<li>fix: support submodules when commit signing by <a
href="https://github.com/peter-evans"><code>@​peter-evans</code></a> in
<a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3354">peter-evans/create-pull-request#3354</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/henryiii"><code>@​henryiii</code></a>
made their first contribution in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3342">peter-evans/create-pull-request#3342</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/peter-evans/create-pull-request/compare/v7.0.3...v7.0.4">https://github.com/peter-evans/create-pull-request/compare/v7.0.3...v7.0.4</a></p>
<h2>Create Pull Request v7.0.3</h2>
<p>⚙️ Fixes an issue with commit signing where commit SHAs have variable
lengths when abbreviated.</p>
<h2>What's Changed</h2>
<ul>
<li>fix: disable abbreviated commit shas in diff by <a
href="https://github.com/peter-evans"><code>@​peter-evans</code></a> in
<a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3337">peter-evans/create-pull-request#3337</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/peter-evans/create-pull-request/compare/v7.0.2...v7.0.3">https://github.com/peter-evans/create-pull-request/compare/v7.0.2...v7.0.3</a></p>
<h2>Create Pull Request v7.0.2</h2>
<p>⚙️ Fixes an issue with commit signing when a change was detected as
being a rename or copy.</p>
<h2>What's Changed</h2>
<ul>
<li>build(deps-dev): bump <code>@​types/node</code> from 18.19.48 to
18.19.50 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3320">peter-evans/create-pull-request#3320</a></li>
<li>build(deps-dev): bump typescript from 5.5.4 to 5.6.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3319">peter-evans/create-pull-request#3319</a></li>
<li>fix: disable diff detection for renames and copies by <a
href="https://github.com/peter-evans"><code>@​peter-evans</code></a> in
<a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3330">peter-evans/create-pull-request#3330</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/peter-evans/create-pull-request/compare/v7.0.1...v7.0.2">https://github.com/peter-evans/create-pull-request/compare/v7.0.1...v7.0.2</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/5e914681df9dc83aa4e4905692ca88beb2f9e91f"><code>5e91468</code></a>
fix: support symlinks when commit signing (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/3359">#3359</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/2f38cd26bfebe301a5ee90bdd6550a69dc3ef23f"><code>2f38cd2</code></a>
fix: support submodules when commit signing (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/3354">#3354</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/7a8aeac749996aed943101d8e7dfb0cecc06197e"><code>7a8aeac</code></a>
build(deps-dev): bump eslint from 8.57.0 to 8.57.1 (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/3344">#3344</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/d39d596a7720fc2c61c9aa5503097fb553431b5e"><code>d39d596</code></a>
build(deps-dev): bump <code>@​types/jest</code> from 29.5.12 to 29.5.13
(<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/3343">#3343</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/f6f978fd3dc86c443f758f603d22dc554762c832"><code>f6f978f</code></a>
docs: correct suggestion for bot setup (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/3342">#3342</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/6cd32fd93684475c31847837f87bb135d40a2b79"><code>6cd32fd</code></a>
fix: disable abbreviated commit shas in diff (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/3337">#3337</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/d121e62763d8cc35b5fb1710e887d6e69a52d3a4"><code>d121e62</code></a>
fix: disable diff detection for renames and copies (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/3330">#3330</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/f4d66f4d5a5a7e65a185463192800c32d296ac6d"><code>f4d66f4</code></a>
build(deps-dev): bump typescript from 5.5.4 to 5.6.2 (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/3319">#3319</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/488c869d17c8a5cb8a2f0a09471ed82c1d2a084f"><code>488c869</code></a>
build(deps-dev): bump <code>@​types/node</code> from 18.19.48 to
18.19.50 (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/3320">#3320</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/5354f85616108575685a73a0ddd2f67c26a441c3"><code>5354f85</code></a>
docs: update readme</li>
<li>See full diff in <a
href="https://github.com/peter-evans/create-pull-request/compare/8867c4aba1b742c39f8d0ba35429c2dfa4b6cb20...5e914681df9dc83aa4e4905692ca88beb2f9e91f">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 .github/workflows/autodocs-platform.yaml         | 8 ++++----
 .github/workflows/build-terminal-images.yaml     | 2 +-
 .github/workflows/check-links.yaml               | 2 +-
 .github/workflows/cloud-run.yaml                 | 4 ++--
 .github/workflows/rumble-vulnerability-data.yaml | 2 +-
 5 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/.github/workflows/autodocs-platform.yaml b/.github/workflows/autodocs-platform.yaml
index 3840b6d996..f59d3f01dd 100644
--- a/.github/workflows/autodocs-platform.yaml
+++ b/.github/workflows/autodocs-platform.yaml
@@ -26,7 +26,7 @@ jobs:
 
     steps:
     - name: 'Github Actions Runner'
-      uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
+      uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
       with:
         egress-policy: audit
 
@@ -81,7 +81,7 @@ jobs:
 
     steps:
     - name: 'Github Actions Runner'
-      uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
+      uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
       with:
         egress-policy: audit
 
@@ -104,7 +104,7 @@ jobs:
         storage_bucket: "${{ secrets.STORAGE_BUCKET }}"
         platform_changelog: "${{ env.PLATFORM_CHANGELOG }}"
 
-    - uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3
+    - uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4
       with:
         node-version: 16
 
@@ -125,7 +125,7 @@ jobs:
         identity: edu
 
     - name: Create a PR
-      uses: peter-evans/create-pull-request@8867c4aba1b742c39f8d0ba35429c2dfa4b6cb20 # v7.0.1
+      uses: peter-evans/create-pull-request@5e914681df9dc83aa4e4905692ca88beb2f9e91f # v7.0.5
       id: cpr
       with:
         token: ${{ steps.octo-sts.outputs.token }}
diff --git a/.github/workflows/build-terminal-images.yaml b/.github/workflows/build-terminal-images.yaml
index 8b9c9a1e72..aa24d003bd 100644
--- a/.github/workflows/build-terminal-images.yaml
+++ b/.github/workflows/build-terminal-images.yaml
@@ -31,7 +31,7 @@ jobs:
 
     steps:
       - name: 'Github Actions Runner'
-        uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
+        uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
         with:
           egress-policy: audit
 
diff --git a/.github/workflows/check-links.yaml b/.github/workflows/check-links.yaml
index 3547d8fcca..e671b2e977 100644
--- a/.github/workflows/check-links.yaml
+++ b/.github/workflows/check-links.yaml
@@ -23,7 +23,7 @@ jobs:
 
     steps:
       - name: 'Github Actions Runner'
-        uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
+        uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
         with:
           egress-policy: audit
 
diff --git a/.github/workflows/cloud-run.yaml b/.github/workflows/cloud-run.yaml
index ff677cd772..3a78674e3a 100644
--- a/.github/workflows/cloud-run.yaml
+++ b/.github/workflows/cloud-run.yaml
@@ -16,14 +16,14 @@ jobs:
 
     steps:
     - name: 'Github Actions Runner'
-      uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
+      uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
       with:
         egress-policy: audit
 
     - name: 'Checkout default branch to $GITHUB_WORKSPACE dir'
       uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
 
-    - uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v3
+    - uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v3
       with:
         node-version: 16
 
diff --git a/.github/workflows/rumble-vulnerability-data.yaml b/.github/workflows/rumble-vulnerability-data.yaml
index 0cc7429c44..efd68fb2d3 100644
--- a/.github/workflows/rumble-vulnerability-data.yaml
+++ b/.github/workflows/rumble-vulnerability-data.yaml
@@ -26,7 +26,7 @@ jobs:
 
     steps:
       - name: 'Github Actions Runner'
-        uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
+        uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
         with:
           egress-policy: audit