From 19ed89ae883f411201505a7209aa064e9000a034 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 14 May 2026 18:33:35 +0000
Subject: [PATCH] Bump step-security/harden-runner from 2.19.1 to 2.19.2

Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.19.1 to 2.19.2.
- [Release notes](https://github.com/step-security/harden-runner/releases)
- [Commits](https://github.com/step-security/harden-runner/compare/a5ad31d6a139d249332a2605b85202e8c0b78450...9ca718d3bf646d6534007c269a635b3e54cadf99)

---
updated-dependencies:
- dependency-name: step-security/harden-runner
  dependency-version: 2.19.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 .github/workflows/build.yml             | 4 ++--
 .github/workflows/codeql-analysis.yml   | 2 +-
 .github/workflows/dependency-review.yml | 2 +-
 .github/workflows/devcontainer.yml      | 2 +-
 .github/workflows/docs.yml              | 6 +++---
 .github/workflows/python-publish.yml    | 2 +-
 .github/workflows/release.yml           | 2 +-
 .github/workflows/run.yml               | 4 ++--
 .github/workflows/scorecard.yml         | 2 +-
 .github/workflows/source-provenance.yml | 2 +-
 .github/workflows/test.yml              | 2 +-
 11 files changed, 15 insertions(+), 15 deletions(-)

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index a8dfb39d..895e2ad7 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -25,7 +25,7 @@ jobs:
 
     steps:
       - name: "Harden the runner (Block egress traffic: Only allow calls to allowed endpoints)"
-        uses: step-security/harden-runner@a5ad31d6a139d249332a2605b85202e8c0b78450 # v2.19.1
+        uses: step-security/harden-runner@9ca718d3bf646d6534007c269a635b3e54cadf99 # v2.19.2
         with:
           egress-policy: block
           allowed-endpoints: >+
@@ -334,7 +334,7 @@ jobs:
 
     steps:
     - name: "Harden the runner (Block egress traffic: Only allow calls to allowed endpoints)"
-      uses: step-security/harden-runner@a5ad31d6a139d249332a2605b85202e8c0b78450 # v2.19.1
+      uses: step-security/harden-runner@9ca718d3bf646d6534007c269a635b3e54cadf99 # v2.19.2
       with:
         egress-policy: block
         allowed-endpoints: >+
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index 9999e5aa..526b8d73 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -35,7 +35,7 @@ jobs:
 
     steps:
     - name: "Harden the runner (Block egress traffic: Only allow calls to allowed endpoints)"
-      uses: step-security/harden-runner@a5ad31d6a139d249332a2605b85202e8c0b78450 # v2.19.1
+      uses: step-security/harden-runner@9ca718d3bf646d6534007c269a635b3e54cadf99 # v2.19.2
       with:
         egress-policy: block
         allowed-endpoints: >+
diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml
index ed3414c8..c5e77a84 100644
--- a/.github/workflows/dependency-review.yml
+++ b/.github/workflows/dependency-review.yml
@@ -17,7 +17,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: "Harden the runner (Block egress traffic: Only allow calls to allowed endpoints)"
-        uses: step-security/harden-runner@a5ad31d6a139d249332a2605b85202e8c0b78450 # v2.19.1
+        uses: step-security/harden-runner@9ca718d3bf646d6534007c269a635b3e54cadf99 # v2.19.2
         with:
           egress-policy: block
           allowed-endpoints: >+
diff --git a/.github/workflows/devcontainer.yml b/.github/workflows/devcontainer.yml
index 0f982399..d97e9a9b 100644
--- a/.github/workflows/devcontainer.yml
+++ b/.github/workflows/devcontainer.yml
@@ -16,7 +16,7 @@ jobs:
 
     steps:
       - name: "Harden the runner (Block egress traffic: Only allow calls to allowed endpoints)"
-        uses: step-security/harden-runner@a5ad31d6a139d249332a2605b85202e8c0b78450 # v2.19.1
+        uses: step-security/harden-runner@9ca718d3bf646d6534007c269a635b3e54cadf99 # v2.19.2
         with:
           egress-policy: block
           allowed-endpoints: >+
diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml
index ce521140..ce3ee6b9 100644
--- a/.github/workflows/docs.yml
+++ b/.github/workflows/docs.yml
@@ -20,7 +20,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
     - name: "Harden the runner (Block egress traffic: Only allow calls to allowed endpoints)"
-      uses: step-security/harden-runner@a5ad31d6a139d249332a2605b85202e8c0b78450 # v2.19.1
+      uses: step-security/harden-runner@9ca718d3bf646d6534007c269a635b3e54cadf99 # v2.19.2
       with:
         egress-policy: block
         allowed-endpoints: >+
@@ -53,7 +53,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: "Harden the runner (Block egress traffic: Only allow calls to allowed endpoints)"
-        uses: step-security/harden-runner@a5ad31d6a139d249332a2605b85202e8c0b78450 # v2.19.1
+        uses: step-security/harden-runner@9ca718d3bf646d6534007c269a635b3e54cadf99 # v2.19.2
         with:
           egress-policy: block
           allowed-endpoints: >+
@@ -97,7 +97,7 @@ jobs:
       contents: write
     steps:
       - name: "Harden the runner (Block egress traffic: Only allow calls to allowed endpoints)"
-        uses: step-security/harden-runner@a5ad31d6a139d249332a2605b85202e8c0b78450 # v2.19.1
+        uses: step-security/harden-runner@9ca718d3bf646d6534007c269a635b3e54cadf99 # v2.19.2
         with:
           egress-policy: block
           allowed-endpoints: >+
diff --git a/.github/workflows/python-publish.yml b/.github/workflows/python-publish.yml
index 01a331d3..3a87f38c 100644
--- a/.github/workflows/python-publish.yml
+++ b/.github/workflows/python-publish.yml
@@ -25,7 +25,7 @@ jobs:
 
     steps:
     - name: "Harden the runner (Block egress traffic: Only allow calls to allowed endpoints)"
-      uses: step-security/harden-runner@a5ad31d6a139d249332a2605b85202e8c0b78450 # v2.19.1
+      uses: step-security/harden-runner@9ca718d3bf646d6534007c269a635b3e54cadf99 # v2.19.2
       with:
         egress-policy: block
         allowed-endpoints: >+
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index b0881c79..f67d1ec5 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -21,7 +21,7 @@ jobs:
       release_id: ${{ steps.release_info.outputs.tag }}
 
     steps:
-      - uses: step-security/harden-runner@a5ad31d6a139d249332a2605b85202e8c0b78450 # v2.19.1
+      - uses: step-security/harden-runner@9ca718d3bf646d6534007c269a635b3e54cadf99 # v2.19.2
         with:
           egress-policy: block
           allowed-endpoints: >+
diff --git a/.github/workflows/run.yml b/.github/workflows/run.yml
index 7cc46a49..b790460b 100644
--- a/.github/workflows/run.yml
+++ b/.github/workflows/run.yml
@@ -16,7 +16,7 @@ jobs:
 
     steps:
       - name: "Harden the runner (Block egress traffic: Only allow calls to allowed endpoints)"
-        uses: step-security/harden-runner@a5ad31d6a139d249332a2605b85202e8c0b78450 # v2.19.1
+        uses: step-security/harden-runner@9ca718d3bf646d6534007c269a635b3e54cadf99 # v2.19.2
         with:
           egress-policy: block
           allowed-endpoints: >+
@@ -149,7 +149,7 @@ jobs:
 
     steps:
       - name: "Harden the runner (Block egress traffic: Only allow calls to allowed endpoints)"
-        uses: step-security/harden-runner@a5ad31d6a139d249332a2605b85202e8c0b78450 # v2.19.1
+        uses: step-security/harden-runner@9ca718d3bf646d6534007c269a635b3e54cadf99 # v2.19.2
         with:
           egress-policy: block
           allowed-endpoints: ${{ matrix.allowed-endpoints }}
diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
index 3f5451a6..b5a6a187 100644
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@@ -27,7 +27,7 @@ jobs:
 
     steps:
       - name: "Harden the runner (Block egress traffic: Only allow calls to allowed endpoints)"
-        uses: step-security/harden-runner@a5ad31d6a139d249332a2605b85202e8c0b78450 # v2.19.1
+        uses: step-security/harden-runner@9ca718d3bf646d6534007c269a635b3e54cadf99 # v2.19.2
         with:
           egress-policy: block
           allowed-endpoints: >+
diff --git a/.github/workflows/source-provenance.yml b/.github/workflows/source-provenance.yml
index 5825effb..ff8eed00 100644
--- a/.github/workflows/source-provenance.yml
+++ b/.github/workflows/source-provenance.yml
@@ -20,7 +20,7 @@ jobs:
 
     steps:
       - name: "Harden the runner (Block egress traffic: Only allow calls to allowed endpoints)"
-        uses: step-security/harden-runner@a5ad31d6a139d249332a2605b85202e8c0b78450 # v2.19.1
+        uses: step-security/harden-runner@9ca718d3bf646d6534007c269a635b3e54cadf99 # v2.19.2
         with:
           egress-policy: block
           allowed-endpoints: >+
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
index 69478e01..48a2a3da 100644
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -18,7 +18,7 @@ jobs:
       id-token: write
     steps:
       - name: "Harden the runner (Block egress traffic: Only allow calls to allowed endpoints)"
-        uses: step-security/harden-runner@a5ad31d6a139d249332a2605b85202e8c0b78450 # v2.19.1
+        uses: step-security/harden-runner@9ca718d3bf646d6534007c269a635b3e54cadf99 # v2.19.2
         with:
           egress-policy: block
           # dfetch.invalid and giiiiiidhub.com are intentionally invalid test