chore: bump the all group across 1 directory with 4 updates

.github/workflows/benchmark.yaml

@@ -17,7 +17,7 @@ jobs:
  pull-requests: write
  steps:
  - name: Harden Runner
- uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
+ uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
  with:
  egress-policy: audit
 

.github/workflows/check-manifest.yaml

@@ -32,7 +32,7 @@ jobs:
  timeout-minutes: 10
  steps:
  - name: Harden Runner
- uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
+ uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
  with:
  egress-policy: audit
 

.github/workflows/codeql.yaml

@@ -17,20 +17,20 @@ jobs:
 
  steps:
  - name: Harden Runner
- uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
+ uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
  with:
  egress-policy: audit
 
  - name: Checkout repository
  uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
 
  - name: Initialize CodeQL
- uses: github/codeql-action/init@2c779ab0d087cd7fe7b826087247c2c81f27bfa6
+ uses: github/codeql-action/init@8214744c546c1e5c8f03dde8fab3a7353211988d
  with:
  languages: go
 
  - name: Autobuild
- uses: github/codeql-action/autobuild@2c779ab0d087cd7fe7b826087247c2c81f27bfa6
+ uses: github/codeql-action/autobuild@8214744c546c1e5c8f03dde8fab3a7353211988d
 
  - name: Perform CodeQL Analysis
- uses: github/codeql-action/analyze@2c779ab0d087cd7fe7b826087247c2c81f27bfa6
+ uses: github/codeql-action/analyze@8214744c546c1e5c8f03dde8fab3a7353211988d

.github/workflows/dapr-pubsub.yaml

@@ -20,7 +20,7 @@ jobs:
  DAPR_VERSION: ["1.12"]
  steps:
  - name: Harden Runner
- uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
+ uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
  with:
  egress-policy: audit
 
@@ -60,7 +60,7 @@ jobs:
  kubectl logs -n gatekeeper-system -l control-plane=audit-controller --tail=-1 > logs-audit-publish.json
 
  - name: Upload artifacts
- uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6
+ uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
  if: ${{ always() }}
  with:
  name: pubsub-logs

.github/workflows/dependency-review.yml

@@ -17,7 +17,7 @@ jobs:
  runs-on: ubuntu-22.04
  steps:
  - name: Harden Runner
- uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
+ uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
  with:
  egress-policy: audit
 

.github/workflows/license-lint.yaml

@@ -25,7 +25,7 @@ jobs:
  contents: read
  steps:
  - name: Harden Runner
- uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
+ uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
  with:
  egress-policy: audit
 

.github/workflows/lint.yaml

@@ -33,7 +33,7 @@ jobs:
  runs-on: ubuntu-22.04
  steps:
  - name: Harden Runner
- uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
+ uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
  with:
  egress-policy: audit
 

.github/workflows/patch-docs.yaml

@@ -13,7 +13,7 @@ jobs:
  runs-on: ubuntu-22.04
  steps:
  - name: Harden Runner
- uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
+ uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
  with:
  egress-policy: audit
 
@@ -52,7 +52,7 @@ jobs:
  make patch-version-docs NEWVERSION=v${MAJOR_VERSION}.${MINOR_VERSION}.x TAG=v${TAG} OLDVERSION=v${MAJOR_VERSION}.${MINOR_VERSION}.$((PATCH_VERSION-1)) OPA_VERSIONS="${versions}"
 
  - name: Create release pull request
- uses: peter-evans/create-pull-request@c5a7806660adbe173f04e3e038b0ccdcd758773c # v6.1.0
+ uses: peter-evans/create-pull-request@5e914681df9dc83aa4e4905692ca88beb2f9e91f # v7.0.5
  with:
  commit-message: "chore: Patch docs for ${{ env.TAG }} release"
  title: "chore: Patch docs for ${{ env.TAG }} release"

.github/workflows/pre-release.yaml

@@ -19,7 +19,7 @@ jobs:
  timeout-minutes: 30
  steps:
  - name: Harden Runner
- uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
+ uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
  with:
  egress-policy: audit
 

.github/workflows/release-pr.yaml

@@ -18,7 +18,7 @@ jobs:
  runs-on: ubuntu-22.04
  steps:
  - name: Harden Runner
- uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
+ uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
  with:
  egress-policy: audit
 
@@ -91,7 +91,7 @@ jobs:
  make version-docs NEWVERSION=v${MAJOR_VERSION}.${MINOR_VERSION}.x TAG=v${TAG} OPA_VERSIONS="${versions}"
 
  - name: Create release pull request
- uses: peter-evans/create-pull-request@c5a7806660adbe173f04e3e038b0ccdcd758773c # v6.1.0
+ uses: peter-evans/create-pull-request@5e914681df9dc83aa4e4905692ca88beb2f9e91f # v7.0.5
  with:
  commit-message: "chore: Prepare ${{ env.NEWVERSION }} release"
  title: "chore: Prepare ${{ env.NEWVERSION }} release"

.github/workflows/release.yaml

@@ -27,7 +27,7 @@ jobs:
  docker system prune -a -f --filter "label!=org.opencontainers.image.source=https://github.com/stefanprodan/alpine-base"
 
  - name: Harden Runner
- uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
+ uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
  with:
  egress-policy: audit
 

.github/workflows/scan-vulns.yaml

@@ -32,7 +32,7 @@ jobs:
  timeout-minutes: 15
  steps:
  - name: Harden Runner
- uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
+ uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
  with:
  egress-policy: audit
 
@@ -48,7 +48,7 @@ jobs:
  timeout-minutes: 15
  steps:
  - name: Harden Runner
- uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
+ uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
  with:
  egress-policy: audit
 

.github/workflows/scorecards.yml

@@ -31,7 +31,7 @@ jobs:
 
  steps:
  - name: Harden Runner
- uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
+ uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
  with:
  egress-policy: audit
 
@@ -63,14 +63,14 @@ jobs:
  # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
  # format to the repository Actions tab.
  - name: "Upload artifact"
- uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6
+ uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
  with:
  name: SARIF file
  path: results.sarif
  retention-days: 5
 
  # Upload the results to GitHub's code scanning dashboard.
  - name: "Upload to code-scanning"
- uses: github/codeql-action/upload-sarif@2c779ab0d087cd7fe7b826087247c2c81f27bfa6 # v3.26.5
+ uses: github/codeql-action/upload-sarif@8214744c546c1e5c8f03dde8fab3a7353211988d # v3.26.7
  with:
  sarif_file: results.sarif

.github/workflows/test-gator.yaml

@@ -36,7 +36,7 @@ jobs:
  KUBERNETES_VERSION: ["1.27.13", "1.28.9", "1.29.4", "1.30.0"]
  steps:
  - name: Harden Runner
- uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
+ uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
  with:
  egress-policy: audit
 

.github/workflows/unit-test.yaml

@@ -32,7 +32,7 @@ jobs:
  timeout-minutes: 20
  steps:
  - name: Harden Runner
- uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
+ uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
  with:
  egress-policy: audit
 

.github/workflows/upgrade.yaml

@@ -26,7 +26,7 @@ jobs:
  HELM_VERSION: ["3.14.1"]
  steps:
  - name: Harden Runner
- uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
+ uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
  with:
  egress-policy: audit
 
@@ -98,7 +98,7 @@ jobs:
  kubectl logs -n gatekeeper-system -l run=dummy-provider --tail=-1 > logs-${{ matrix.HELM_VERSION }}-dummy-provider-post-upgrade.json
 
  - name: Upload artifacts
- uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6
+ uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
  if: ${{ always() }}
  with:
  name: logs

.github/workflows/website.yaml

@@ -25,7 +25,7 @@ jobs:
  working-directory: website
  steps:
  - name: Harden Runner
- uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
+ uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
  with:
  egress-policy: audit
 

.github/workflows/workflow.yaml

@@ -36,7 +36,7 @@ jobs:
  KUBERNETES_VERSION: ["1.27.13", "1.28.9", "1.29.4", "1.30.0"]
  steps:
  - name: Harden Runner
- uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
+ uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
  with:
  egress-policy: audit
 
@@ -80,7 +80,7 @@ jobs:
  kubectl logs -n gatekeeper-system -l control-plane=audit-controller --tail=-1 > logs-audit.json
 
  - name: Upload artifacts
- uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6
+ uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
  if: ${{ always() }}
  with:
  name: logs-${{ matrix.KUBERNETES_VERSION }}
@@ -98,7 +98,7 @@ jobs:
  GATEKEEPER_NAMESPACE: ["gatekeeper-system", "custom-namespace"]
  steps:
  - name: Harden Runner
- uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
+ uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
  with:
  egress-policy: audit
 
@@ -150,7 +150,7 @@ jobs:
  kubectl logs -n ${{ matrix.GATEKEEPER_NAMESPACE }} -l run=dummy-provider --tail=-1 > logs-helm-${{ matrix.HELM_VERSION }}-${{ matrix.GATEKEEPER_NAMESPACE }}-dummy-provider.json
 
  - name: Upload artifacts
- uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6
+ uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
  if: ${{ always() }}
  with:
  name: helm-logs-${{ matrix.HELM_VERSION }}-${{ matrix.GATEKEEPER_NAMESPACE }}
@@ -164,7 +164,7 @@ jobs:
 
  steps:
  - name: Harden Runner
- uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
+ uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
  with:
  egress-policy: audit
 
@@ -207,7 +207,7 @@ jobs:
  kubectl logs -n gatekeeper-system -l control-plane=audit-controller --tail=-1 > logs-generatorexpansion-audit.json
 
  - name: Upload artifacts
- uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6
+ uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
  if: ${{ always() }}
  with:
  name: generatorexpansion-logs