From 6fafb04205ebf80bc2bd4760b918ecbab57048b6 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Fri, 13 Dec 2024 16:39:27 +0100
Subject: [PATCH] build(deps): bump step-security/harden-runner from 2.8.1 to
 2.10.1 (#989)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Bumps
[step-security/harden-runner](https://github.com/step-security/harden-runner)
from 2.8.1 to 2.10.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's
releases</a>.</em></p>
<blockquote>
<h2>v2.10.1</h2>
<h2>What's Changed</h2>
<p>Release v2.10.1 by <a
href="https://github.com/varunsh-coder"><code>@​varunsh-coder</code></a>
in <a
href="https://redirect.github.com/step-security/harden-runner/pull/463">step-security/harden-runner#463</a>
Bug fix: Resolves an issue where DNS resolution of .local domains was
failing when using a Kind cluster in a GitHub Actions workflow.</p>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/step-security/harden-runner/compare/v2...v2.10.1">https://github.com/step-security/harden-runner/compare/v2...v2.10.1</a></p>
<h2>v2.10.0</h2>
<h2>What's Changed</h2>
<p>Release v2.10.0 by <a
href="https://github.com/h0x0er"><code>@​h0x0er</code></a> and <a
href="https://github.com/varunsh-coder"><code>@​varunsh-coder</code></a>
in <a
href="https://redirect.github.com/step-security/harden-runner/pull/455">step-security/harden-runner#455</a></p>
<p><strong>ARM Support</strong>: Harden-Runner Enterprise tier now
supports GitHub-hosted ARM runners. This includes all the features that
apply to previously supported GitHub-hosted x64 Linux runners.</p>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/step-security/harden-runner/compare/v2...v2.10.0">https://github.com/step-security/harden-runner/compare/v2...v2.10.0</a></p>
<h2>v2.9.1</h2>
<h2>What's Changed</h2>
<p>Release v2.9.1 by <a
href="https://github.com/h0x0er"><code>@​h0x0er</code></a> and <a
href="https://github.com/varunsh-coder"><code>@​varunsh-coder</code></a>
in <a
href="https://redirect.github.com/step-security/harden-runner/issues/440">#440</a>
This release includes two changes:</p>
<ol>
<li>Updated markdown displayed in the job summary by the Harden-Runner
Action.</li>
<li>Fixed a bug affecting Enterprise Tier customers where the agent
attempted to upload telemetry for jobs with disable-telemetry set to
true. No telemetry was uploaded as the endpoint was not in the allowed
list.</li>
</ol>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/step-security/harden-runner/compare/v2...v2.9.1">https://github.com/step-security/harden-runner/compare/v2...v2.9.1</a></p>
<h2>v2.9.0</h2>
<h2>What's Changed</h2>
<p>Release v2.9.0 by <a
href="https://github.com/h0x0er"><code>@​h0x0er</code></a> and <a
href="https://github.com/varunsh-coder"><code>@​varunsh-coder</code></a>
in <a
href="https://redirect.github.com/step-security/harden-runner/pull/435">step-security/harden-runner#435</a>
This release includes:</p>
<ul>
<li>Enterprise Tier - Telemetry Upload Enhancement:
For the enterprise tier, this change helps overcome size constraints,
allowing for more reliable telemetry uploads from the Harden-Runner
agent to the StepSecurity backend API. No configuration change is needed
to enable this.</li>
<li>Harden-Runner Agent Authentication:
The Harden-Runner agent now uses a per-job key to authenticate to the
StepSecurity backend API to submit telemetry. This change prevents the
submission of telemetry data anonymously for a given job, improving the
integrity of the data collection process. No configuration change is
needed to enable this.</li>
<li>README Update:
A Table of Contents has been added to the README file to improve
navigation. This makes it easier for users to find the information they
need quickly.</li>
<li>Dependency Update:
Updated the <code>braces</code> npm package dependency to a
non-vulnerable version. The vulnerability in <code>braces</code> did not
affect the Harden Runner Action</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/step-security/harden-runner/compare/v2...v2.9.0">https://github.com/step-security/harden-runner/compare/v2...v2.9.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/step-security/harden-runner/commit/91182cccc01eb5e619899d80e4e971d6181294a7"><code>91182cc</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/463">#463</a>
from step-security/rc-14</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/59ec1c63417a5941b4c199e9e522f0756d2ab11b"><code>59ec1c6</code></a>
Update agent</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/1d2370362ea3d554c02ef9fa23b17f4a84d7949b"><code>1d23703</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/461">#461</a>
from step-security/varunsh-coder-patch-1</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/b03bddaa058e19a340af7befb2de4ddd76e4a7d7"><code>b03bdda</code></a>
Update README.md</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/3d8dd68e5758262d38de5cca3cbdc85addbbc28d"><code>3d8dd68</code></a>
Update README.md</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/446798f8213ac2e75931c1b0769676d927801858"><code>446798f</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/455">#455</a>
from step-security/rc-12</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/f0d3b1eb1ba908b9f69f8af7b0ab2ab59e2bfc1c"><code>f0d3b1e</code></a>
Update agent</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/b7880a2f96f65eea5c1b21cd4cef1a91b6c32471"><code>b7880a2</code></a>
update dist</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/dade49eade63e2277d55bb16749465b195246a6f"><code>dade49e</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/456">#456</a>
from h0x0er/arm-support</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/d6248bed80ff04443fd77c64092e77520ceed2c9"><code>d6248be</code></a>
bump enterprise agent version</li>
<li>Additional commits viewable in <a
href="https://github.com/step-security/harden-runner/compare/v2.8.1...91182cccc01eb5e619899d80e4e971d6181294a7">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=step-security/harden-runner&package-manager=github_actions&previous-version=2.8.1&new-version=2.10.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

You can trigger a rebase of this PR by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

> **Note**
> Automatic rebases have been disabled on this pull request as it has
been open for over 30 days.

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 .github/workflows/afxdp_build.yml              | 2 +-
 .github/workflows/afxdp_build_with_gtest.yml   | 4 ++--
 .github/workflows/centos_build.yml             | 2 +-
 .github/workflows/codeql.yml                   | 2 +-
 .github/workflows/coverity.yml                 | 2 +-
 .github/workflows/dependency-review.yml        | 2 +-
 .github/workflows/dpdk_patches_build.yml       | 2 +-
 .github/workflows/ecosystem.yml                | 2 +-
 .github/workflows/ffmpeg_plugin.yml            | 2 +-
 .github/workflows/linter.yml                   | 2 +-
 .github/workflows/msys2_build.yml              | 2 +-
 .github/workflows/msys2_ffmpeg.yml             | 2 +-
 .github/workflows/scorecards.yml               | 2 +-
 .github/workflows/tools_build.yml              | 2 +-
 .github/workflows/ubuntu_build.yml             | 2 +-
 .github/workflows/ubuntu_build_skip_gtest.yml  | 4 ++--
 .github/workflows/ubuntu_build_with_gtest.yml  | 4 ++--
 .github/workflows/windows_build_with_gtest.yml | 2 +-
 action.yml                                     | 2 +-
 19 files changed, 22 insertions(+), 22 deletions(-)

diff --git a/.github/workflows/afxdp_build.yml b/.github/workflows/afxdp_build.yml
index 3f978660d..bb535ebe3 100644
--- a/.github/workflows/afxdp_build.yml
+++ b/.github/workflows/afxdp_build.yml
@@ -47,7 +47,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0
+        uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
         with:
           egress-policy: audit
 
diff --git a/.github/workflows/afxdp_build_with_gtest.yml b/.github/workflows/afxdp_build_with_gtest.yml
index 9d82f6e0b..a4ddb4e13 100644
--- a/.github/workflows/afxdp_build_with_gtest.yml
+++ b/.github/workflows/afxdp_build_with_gtest.yml
@@ -48,7 +48,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0
+        uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
         with:
           egress-policy: audit
 
@@ -96,7 +96,7 @@ jobs:
       INTERFACE_R: enp8s0np0
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0
+        uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
         with:
           egress-policy: audit
 
diff --git a/.github/workflows/centos_build.yml b/.github/workflows/centos_build.yml
index 9623053ca..2cd770acc 100644
--- a/.github/workflows/centos_build.yml
+++ b/.github/workflows/centos_build.yml
@@ -43,7 +43,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0
+        uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
         with:
           egress-policy: audit
 
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index 88f7994b4..93ad50bfb 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -43,7 +43,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0
+        uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
         with:
           egress-policy: audit
 
diff --git a/.github/workflows/coverity.yml b/.github/workflows/coverity.yml
index 8c98f6ec5..82ba2b880 100644
--- a/.github/workflows/coverity.yml
+++ b/.github/workflows/coverity.yml
@@ -20,7 +20,7 @@ jobs:
     timeout-minutes: 90
     steps:
     - name: 'Harden Runner'
-      uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
+      uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
       with:
         egress-policy: audit
 
diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml
index 6e3a5f306..1f505bda8 100644
--- a/.github/workflows/dependency-review.yml
+++ b/.github/workflows/dependency-review.yml
@@ -17,7 +17,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0
+        uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
         with:
           egress-policy: audit
 
diff --git a/.github/workflows/dpdk_patches_build.yml b/.github/workflows/dpdk_patches_build.yml
index c0caf15d7..2f970561d 100644
--- a/.github/workflows/dpdk_patches_build.yml
+++ b/.github/workflows/dpdk_patches_build.yml
@@ -47,7 +47,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0
+        uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
         with:
           egress-policy: audit
 
diff --git a/.github/workflows/ecosystem.yml b/.github/workflows/ecosystem.yml
index cce0b245d..a2905e929 100644
--- a/.github/workflows/ecosystem.yml
+++ b/.github/workflows/ecosystem.yml
@@ -41,7 +41,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0
+        uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
         with:
           egress-policy: audit
 
diff --git a/.github/workflows/ffmpeg_plugin.yml b/.github/workflows/ffmpeg_plugin.yml
index 3f69ad07d..e21c14d3e 100644
--- a/.github/workflows/ffmpeg_plugin.yml
+++ b/.github/workflows/ffmpeg_plugin.yml
@@ -43,7 +43,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0
+        uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
         with:
           egress-policy: audit
 
diff --git a/.github/workflows/linter.yml b/.github/workflows/linter.yml
index 42e8b99d0..ae8772338 100644
--- a/.github/workflows/linter.yml
+++ b/.github/workflows/linter.yml
@@ -14,7 +14,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0
+        uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
         with:
           egress-policy: audit
 
diff --git a/.github/workflows/msys2_build.yml b/.github/workflows/msys2_build.yml
index c582cf647..51a489279 100644
--- a/.github/workflows/msys2_build.yml
+++ b/.github/workflows/msys2_build.yml
@@ -53,7 +53,7 @@ jobs:
         shell: msys2 {0}
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0
+        uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
         with:
           egress-policy: audit
 
diff --git a/.github/workflows/msys2_ffmpeg.yml b/.github/workflows/msys2_ffmpeg.yml
index 35c4ae566..4c47be1c3 100644
--- a/.github/workflows/msys2_ffmpeg.yml
+++ b/.github/workflows/msys2_ffmpeg.yml
@@ -23,7 +23,7 @@ jobs:
         shell: msys2 {0}
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0
+        uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
         with:
           egress-policy: audit
 
diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml
index 2943042d8..1d411dfab 100644
--- a/.github/workflows/scorecards.yml
+++ b/.github/workflows/scorecards.yml
@@ -32,7 +32,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0
+        uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
         with:
           egress-policy: audit
 
diff --git a/.github/workflows/tools_build.yml b/.github/workflows/tools_build.yml
index 11277f05a..7ee8d668b 100644
--- a/.github/workflows/tools_build.yml
+++ b/.github/workflows/tools_build.yml
@@ -42,7 +42,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0
+        uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
         with:
           egress-policy: audit
 
diff --git a/.github/workflows/ubuntu_build.yml b/.github/workflows/ubuntu_build.yml
index 2ceb203cd..5af304691 100644
--- a/.github/workflows/ubuntu_build.yml
+++ b/.github/workflows/ubuntu_build.yml
@@ -43,7 +43,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0
+        uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
         with:
           egress-policy: audit
 
diff --git a/.github/workflows/ubuntu_build_skip_gtest.yml b/.github/workflows/ubuntu_build_skip_gtest.yml
index aff7f9568..e04f00057 100644
--- a/.github/workflows/ubuntu_build_skip_gtest.yml
+++ b/.github/workflows/ubuntu_build_skip_gtest.yml
@@ -39,7 +39,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0
+        uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
         with:
           egress-policy: audit
 
@@ -52,7 +52,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0
+        uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
         with:
           egress-policy: audit
 
diff --git a/.github/workflows/ubuntu_build_with_gtest.yml b/.github/workflows/ubuntu_build_with_gtest.yml
index e3cb953a3..a90af505d 100644
--- a/.github/workflows/ubuntu_build_with_gtest.yml
+++ b/.github/workflows/ubuntu_build_with_gtest.yml
@@ -53,7 +53,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0
+        uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
         with:
           egress-policy: audit
 
@@ -96,7 +96,7 @@ jobs:
     runs-on: [Linux, self-hosted, DPDK]
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0
+        uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
         with:
           egress-policy: audit
 
diff --git a/.github/workflows/windows_build_with_gtest.yml b/.github/workflows/windows_build_with_gtest.yml
index 05e41fc06..bc2d40ed6 100644
--- a/.github/workflows/windows_build_with_gtest.yml
+++ b/.github/workflows/windows_build_with_gtest.yml
@@ -52,7 +52,7 @@ jobs:
         shell: C:\msys64\msys2.cmd {0}
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0
+        uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
         with:
           egress-policy: audit
 
diff --git a/action.yml b/action.yml
index f4e896021..688ee47a5 100644
--- a/action.yml
+++ b/action.yml
@@ -26,7 +26,7 @@ runs:
   using: 'composite'
   steps:
     - name: Harden Runner
-      uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0
+      uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
       with:
         egress-policy: audit