From 4d3751bffb28139dac1fec5ce35b9c4e9221a99e Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 18 Nov 2024 23:49:15 +0000
Subject: [PATCH] Bump step-security/harden-runner from 1 to 2.10.2 in
 /.github/workflows

Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 1 to 2.10.2.
- [Release notes](https://github.com/step-security/harden-runner/releases)
- [Commits](https://github.com/step-security/harden-runner/compare/v1...v2.10.2)

---
updated-dependencies:
- dependency-name: step-security/harden-runner
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 .github/workflows/npm-publish.yml | 2 +-
 .github/workflows/release.yml     | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/npm-publish.yml b/.github/workflows/npm-publish.yml
index b0a4b060c7..59df6c0061 100644
--- a/.github/workflows/npm-publish.yml
+++ b/.github/workflows/npm-publish.yml
@@ -97,7 +97,7 @@ jobs:
       contents: read
       id-token: write
     steps:
-      - uses: step-security/harden-runner@v1
+      - uses: step-security/harden-runner@v2.10.2
         with:
           egress-policy: block
           allowed-endpoints: >
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 3a957f007c..ecb610d459 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -15,7 +15,7 @@ jobs:
       contents: write
 
     steps:
-      - uses: step-security/harden-runner@v1
+      - uses: step-security/harden-runner@v2.10.2
         with:
           allowed-endpoints:
             api.github.com:443