build(deps): bump step-security/harden-runner from 1.4.5 to 2.2.0

[dependabot]

Bumps step-security/harden-runner from 1.4.5 to 2.2.0.

Release notes

Sourced from step-security/harden-runner's releases.

v2.2.0

What's Changed

• Release v2.2.0 by @​varunsh-coder in step-security/harden-runner#245
  1. Added functionality that allows for skipping Harden Runner installation if any errors arise during the installation process.
  2. Updated Harden-Runner GitHub Action to use the latest version of the Harden Runner agent, which resolves three issues:
     • Addressed a bug that allowed calls to direct IP addresses not included in the allowed list when executing code in a docker image.
     • Enhanced annotations to eliminate false positives, specifically not showing false positive calls to docker.io
     • Upgraded containerd dependency to a non-vulnerable version.
• Bump codecov/codecov-action from 2.1.0 to 3.1.1 by @​dependabot in step-security/harden-runner#233
• Bump step-security/harden-runner from 2.0.0 to 2.1.0 by @​dependabot in step-security/harden-runner#232
• Bump github/codeql-action from 2.1.37 to 2.1.38 by @​dependabot in step-security/harden-runner#229
• Update README.md by @​varunsh-coder in step-security/harden-runner#231

Full Changelog: step-security/harden-runner@v2...v2.2.0

v2.1.0

What's Changed

• Add harden-runner insights URL in job summary by @​h0x0er and @​varunsh-coder in step-security/harden-runner#227. This makes it easier to locate and click on the insights link. One had to look for it in the build log earlier.
• Update README.md by @​varunsh-coder in step-security/harden-runner#210
• Bump github/codeql-action from 2.1.29 to 2.1.31 by @​dependabot in step-security/harden-runner#206
• Bump step-security/harden-runner from 1.5.0 to 2.0.0 by @​dependabot in step-security/harden-runner#211
• Update README by @​varunsh-coder in step-security/harden-runner#216
• Bump ossf/scorecard-action from 2.0.6 to 2.1.0 by @​dependabot in step-security/harden-runner#221
• Bump github/codeql-action from 2.1.31 to 2.1.37 by @​dependabot in step-security/harden-runner#220
• Bump ossf/scorecard-action from 2.1.0 to 2.1.2 by @​dependabot in step-security/harden-runner#223
• Bump actions/upload-artifact from 3.1.1 to 3.1.2 by @​dependabot in step-security/harden-runner#225
• Bump actions/checkout from 3.1.0 to 3.3.0 by @​dependabot in step-security/harden-runner#224

Full Changelog: step-security/harden-runner@v2...v2.1.0

v2.0.0

Release v2.0.0

• Feature to disable sudo: Use disable-sudo: true to run job steps without sudo access on the GitHub-hosted runner. disable-sudo is false by default and needs to be opted-into. (documentation)
• File monitoring improvements: All source code files are monitored now for overwrite, instead of a few extensions. Instead of getting annotations for overwrites, you can also opt-in to getting email or Slack notifications if source code is overwritten. (documentation)
• Support for private repositories: Starting with Harder Runner v2.0.0, use of harden runner for private repositories will require a Team/ Enterprise license. Harder Runner GitHub Action is free for all public repositories.

What's Changed

• Update README.md by @​varunsh-coder in step-security/harden-runner#187
• Bump step-security/harden-runner from 1.4.5 to 1.5.0 by @​dependabot in step-security/harden-runner#188
• Bump github/codeql-action from 2.1.22 to 2.1.26 by @​dependabot in step-security/harden-runner#189
• Add scorecard by @​varunsh-coder in step-security/harden-runner#192
• Bump actions/checkout from 3.0.0 to 3.1.0 by @​dependabot in step-security/harden-runner#198
• Bump github/codeql-action from 2.1.26 to 2.1.27 by @​dependabot in step-security/harden-runner#197
• Bump actions/upload-artifact from 3.0.0 to 3.1.0 by @​dependabot in step-security/harden-runner#194
• Bump ossf/scorecard-action from 2.0.4 to 2.0.6 by @​dependabot in step-security/harden-runner#202
• Bump github/codeql-action from 2.1.27 to 2.1.28 by @​dependabot in step-security/harden-runner#201

... (truncated)

Commits

• c8454ef Release v2.2.0 (#245)
• 8f144f8 Merge pull request #231 from step-security/varunsh-coder-patch-1
• 5dfad97 Merge pull request #229 from step-security/dependabot/github_actions/github/c...
• b696244 Merge pull request #232 from step-security/dependabot/github_actions/step-sec...
• 10aedff Merge pull request #233 from step-security/dependabot/github_actions/codecov/...
• 4660e36 Bump codecov/codecov-action from 2.1.0 to 3.1.1
• 6dc7d6a Bump step-security/harden-runner from 2.0.0 to 2.1.0
• 6519f4c Update README.md
• 18bf8ad Add step-security insights url in job summary (#227)
• ce76875 Bump github/codeql-action from 2.1.37 to 2.1.38
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

The following labels could not be found: area/dependency, release-note-none, ok-to-test.