Merge 21f33c476c into 41c5b9677a

chore(deps): bump github/codeql-action from 4.32.0 to 4.32.2 (#13558 )
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.32.0 to 4.32.2. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](b20883b0cd...45cbd0c69e) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 4.32.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-11 05:39:45 +08:00 · 2026-02-10 20:24:33 +01:00 · 2026-02-08 21:09:55 +01:00 · 2026-02-08 21:09:10 +01:00
5 changed files with 7 additions and 7 deletions
--- a/.github/workflows/dependencies.yml
+++ b/.github/workflows/dependencies.yml
@ -13,7 +13,7 @@ jobs:
      contents: write # this is needed to push commits and branches
    steps:
      - name: Harden the runner (Audit all outbound calls)
-        uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1
+        uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
        with:
          egress-policy: audit
--- a/.github/workflows/installer.yml
+++ b/.github/workflows/installer.yml
@ -26,7 +26,7 @@ jobs:
          - macos-latest
    steps:
      - name: Harden the runner (Audit all outbound calls)
-        uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1
+        uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
        with:
          egress-policy: audit
@ -47,7 +47,7 @@ jobs:
      - test
    steps:
      - name: Harden the runner (Audit all outbound calls)
-        uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1
+        uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
        with:
          egress-policy: audit
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@ -24,7 +24,7 @@ jobs:
    if: github.repository == 'ohmyzsh/ohmyzsh'
    steps:
      - name: Harden the runner (Audit all outbound calls)
-        uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1
+        uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
        with:
          egress-policy: audit
--- a/.github/workflows/project.yml
+++ b/.github/workflows/project.yml
@ -17,7 +17,7 @@ jobs:
    if: github.repository == 'ohmyzsh/ohmyzsh'
    steps:
      - name: Harden the runner (Audit all outbound calls)
-        uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1
+        uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
        with:
          egress-policy: audit
      - name: Authenticate as @ohmyzsh
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@ -36,7 +36,7 @@ jobs:
    steps:
      - name: Harden the runner (Audit all outbound calls)
-        uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1
+        uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
        with:
          egress-policy: audit
@ -60,6 +60,6 @@ jobs:
          retention-days: 5
      - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@b20883b0cd1f46c72ae0ba6d1090936928f9fa30 # v4.32.0
+        uses: github/codeql-action/upload-sarif@45cbd0c69e560cd9e7cd7f8c32362050c9b7ded2 # v4.32.2
        with:
          sarif_file: results.sarif