fix(deps): update github-actions (#917)

renovate[bot] · web-flow · commit 8c9785c4cc5b · 2025-07-19T05:04:22.000+02:00
Signed-off-by: Renovate Bot &lt;bot@renovateapp.com&gt;
Co-authored-by: renovate[bot] &lt;29139614+renovate[bot]@users.noreply.github.com&gt;
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
@@ -43,7 +43,7 @@ jobs:
 
         steps:
             - name: "Harden Runner"
-              uses: "step-security/harden-runner@6c439dc8bdf85cadbbce9ed30d1c7b959517bc49" # v2.12.2
+              uses: "step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911" # v2.13.0
               with:
                   egress-policy: "audit"
 
diff --git a/.github/workflows/comment-issue.yml b/.github/workflows/comment-issue.yml
@@ -16,7 +16,7 @@ jobs:
             issues: "write"
         steps:
             - name: "Harden Runner"
-              uses: "step-security/harden-runner@6c439dc8bdf85cadbbce9ed30d1c7b959517bc49" # v2.12.2
+              uses: "step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911" # v2.13.0
               with:
                   egress-policy: "audit"
 
diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml
@@ -21,7 +21,7 @@ jobs:
         runs-on: "ubuntu-latest"
         steps:
             - name: "Harden Runner"
-              uses: "step-security/harden-runner@6c439dc8bdf85cadbbce9ed30d1c7b959517bc49" # v2.12.2
+              uses: "step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911" # v2.13.0
               with:
                   egress-policy: "audit"
 
diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml
@@ -35,7 +35,7 @@ jobs:
             package_json_lintable: "${{ steps.changes.outputs.package_json_lintable }}"
         steps:
             - name: "Harden Runner"
-              uses: "step-security/harden-runner@6c439dc8bdf85cadbbce9ed30d1c7b959517bc49" # v2.12.2
+              uses: "step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911" # v2.13.0
               with:
                   egress-policy: "audit"
 
@@ -60,7 +60,7 @@ jobs:
         runs-on: "ubuntu-latest"
         steps:
             - name: "Harden Runner"
-              uses: "step-security/harden-runner@6c439dc8bdf85cadbbce9ed30d1c7b959517bc49" # v2.12.2
+              uses: "step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911" # v2.13.0
               with:
                   egress-policy: "audit"
 
@@ -111,7 +111,7 @@ jobs:
         runs-on: "ubuntu-latest"
         steps:
             - name: "Harden Runner"
-              uses: "step-security/harden-runner@6c439dc8bdf85cadbbce9ed30d1c7b959517bc49" # v2.12.2
+              uses: "step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911" # v2.13.0
               with:
                   egress-policy: "audit"
 
@@ -162,7 +162,7 @@ jobs:
         runs-on: "ubuntu-latest"
         steps:
             - name: "Harden Runner"
-              uses: "step-security/harden-runner@6c439dc8bdf85cadbbce9ed30d1c7b959517bc49" # v2.12.2
+              uses: "step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911" # v2.13.0
               with:
                   egress-policy: "audit"
 
@@ -213,7 +213,7 @@ jobs:
         runs-on: "ubuntu-latest"
         steps:
             - name: "Harden Runner"
-              uses: "step-security/harden-runner@6c439dc8bdf85cadbbce9ed30d1c7b959517bc49" # v2.12.2
+              uses: "step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911" # v2.13.0
               with:
                   egress-policy: "audit"
 
@@ -237,7 +237,7 @@ jobs:
         runs-on: "ubuntu-latest"
         steps:
             - name: "Harden Runner"
-              uses: "step-security/harden-runner@6c439dc8bdf85cadbbce9ed30d1c7b959517bc49" # v2.12.2
+              uses: "step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911" # v2.13.0
               with:
                   egress-policy: "audit"
 
@@ -262,7 +262,7 @@ jobs:
         runs-on: "ubuntu-latest"
         steps:
             - name: "Harden Runner"
-              uses: "step-security/harden-runner@6c439dc8bdf85cadbbce9ed30d1c7b959517bc49" # v2.12.2
+              uses: "step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911" # v2.13.0
               with:
                   egress-policy: "audit"
 
@@ -280,7 +280,7 @@ jobs:
             - name: "Use Node.js 20.x"
               uses: "actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020" # v4.4.0
               with:
-                  node-version: "20.19.3"
+                  node-version: "20.19.4"
                   cache: "pnpm"
 
             - name: "Verify the integrity of provenance attestations and registry signatures for installed dependencies"
@@ -312,7 +312,7 @@ jobs:
             # If any jobs we depend on fail, we will fail since this is a required check
             # NOTE: A timeout is considered a failure
             - name: "Harden Runner"
-              uses: "step-security/harden-runner@6c439dc8bdf85cadbbce9ed30d1c7b959517bc49" # v2.12.2
+              uses: "step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911" # v2.13.0
               with:
                   egress-policy: "audit"
 
diff --git a/.github/workflows/lock-file-maintenance.yml b/.github/workflows/lock-file-maintenance.yml
@@ -21,7 +21,7 @@ jobs:
 
         steps:
             - name: "Harden Runner"
-              uses: "step-security/harden-runner@6c439dc8bdf85cadbbce9ed30d1c7b959517bc49" # v2.12.2
+              uses: "step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911" # v2.13.0
               with:
                   egress-policy: "audit"
 
diff --git a/.github/workflows/preview-release.yaml b/.github/workflows/preview-release.yaml
@@ -26,7 +26,7 @@ jobs:
 
         steps:
             - name: "Harden Runner"
-              uses: "step-security/harden-runner@6c439dc8bdf85cadbbce9ed30d1c7b959517bc49" # v2.12.2
+              uses: "step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911" # v2.13.0
               with:
                   egress-policy: "audit"
 
diff --git a/.github/workflows/require-allow-edits.yml b/.github/workflows/require-allow-edits.yml
@@ -16,7 +16,7 @@ jobs:
 
         steps:
             - name: "Harden Runner"
-              uses: "step-security/harden-runner@6c439dc8bdf85cadbbce9ed30d1c7b959517bc49" # v2.12.2
+              uses: "step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911" # v2.13.0
               with:
                   egress-policy: "audit"
 
diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml
@@ -33,7 +33,7 @@ jobs:
 
         steps:
             - name: "Harden Runner"
-              uses: "step-security/harden-runner@6c439dc8bdf85cadbbce9ed30d1c7b959517bc49" # v2.12.2
+              uses: "step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911" # v2.13.0
               with:
                   egress-policy: "audit"
 
diff --git a/.github/workflows/semantic-pull-request.yml b/.github/workflows/semantic-pull-request.yml
@@ -23,7 +23,7 @@ jobs:
         name: "Semantic Pull Request"
         steps:
             - name: "Harden Runner"
-              uses: "step-security/harden-runner@6c439dc8bdf85cadbbce9ed30d1c7b959517bc49" # v2.12.2
+              uses: "step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911" # v2.13.0
               with:
                   egress-policy: "audit"
 
@@ -46,7 +46,7 @@ jobs:
                       revert
                       test
 
-            - uses: "marocchino/sticky-pull-request-comment@d2ad0de260ae8b0235ce059e63f2949ba9e05943" # v2.9.3
+            - uses: "marocchino/sticky-pull-request-comment@773744901bac0e8cbb5a0dc842800d45e9b2b405" # v2.9.4
               # When the previous steps fail, the workflow would stop. By adding this
               # condition you can continue the execution with the populated error message.
               if: "always() && (steps.lint_pr_title.outputs.error_message != null)"
@@ -65,7 +65,7 @@ jobs:
 
               # Delete a previous comment when the issue has been resolved
             - if: "${{ steps.lint_pr_title.outputs.error_message == null }}"
-              uses: "marocchino/sticky-pull-request-comment@d2ad0de260ae8b0235ce059e63f2949ba9e05943" # v2.9.3
+              uses: "marocchino/sticky-pull-request-comment@773744901bac0e8cbb5a0dc842800d45e9b2b405" # v2.9.4
               with:
                   header: "pr-title-lint-error"
                   message: |
diff --git a/.github/workflows/semantic-release.yml b/.github/workflows/semantic-release.yml
@@ -29,7 +29,7 @@ jobs:
 
         steps:
             - name: "Harden Runner"
-              uses: "step-security/harden-runner@6c439dc8bdf85cadbbce9ed30d1c7b959517bc49" # v2.12.2
+              uses: "step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911" # v2.13.0
               with:
                   egress-policy: "audit"
 
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -32,7 +32,7 @@ jobs:
             codecov: "${{ steps.changes.outputs.codecov }}"
         steps:
             - name: "Harden Runner"
-              uses: "step-security/harden-runner@6c439dc8bdf85cadbbce9ed30d1c7b959517bc49" # v2.12.2
+              uses: "step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911" # v2.13.0
               with:
                   egress-policy: "audit"
 
@@ -72,7 +72,7 @@ jobs:
             NODE: "${{ matrix.node_version }}"
         steps:
             - name: "Harden Runner"
-              uses: "step-security/harden-runner@6c439dc8bdf85cadbbce9ed30d1c7b959517bc49" # v2.12.2
+              uses: "step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911" # v2.13.0
               with:
                   egress-policy: "audit"
 
@@ -141,7 +141,7 @@ jobs:
             # If any jobs we depend on fail, we will fail since this is a required check
             # NOTE: A timeout is considered a failure
             - name: "Harden Runner"
-              uses: "step-security/harden-runner@6c439dc8bdf85cadbbce9ed30d1c7b959517bc49" # v2.12.2
+              uses: "step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911" # v2.13.0
               with:
                   egress-policy: "audit"
 
