chore(deps): bump step-security/harden-runner from 2.14.2 to 2.15.0

Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.14.2 to 2.15.0. - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](5ef0c079ce...a90bcbc653) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-version: 2.15.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
2026-03-27 03:14:56 +01:00 · 2026-03-01 12:53:14 +00:00 · 2026-03-01 12:53:14 +00:00 · 1de319769b
commit 1de319769b
parent 5c4f27b716
5 changed files with 6 additions and 6 deletions
--- a/.github/workflows/dependencies.yml
+++ b/.github/workflows/dependencies.yml
@ -13,7 +13,7 @@ jobs:
      contents: write # this is needed to push commits and branches
    steps:
      - name: Harden the runner (Audit all outbound calls)
-        uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
+        uses: step-security/harden-runner@a90bcbc6539c36a85cdfeb73f7e2f433735f215b # v2.15.0
        with:
          egress-policy: audit

--- a/.github/workflows/installer.yml
+++ b/.github/workflows/installer.yml
@ -26,7 +26,7 @@ jobs:
          - macos-latest
    steps:
      - name: Harden the runner (Audit all outbound calls)
-        uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
+        uses: step-security/harden-runner@a90bcbc6539c36a85cdfeb73f7e2f433735f215b # v2.15.0
        with:
          egress-policy: audit

@ -47,7 +47,7 @@ jobs:
      - test
    steps:
      - name: Harden the runner (Audit all outbound calls)
-        uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
+        uses: step-security/harden-runner@a90bcbc6539c36a85cdfeb73f7e2f433735f215b # v2.15.0
        with:
          egress-policy: audit

--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@ -24,7 +24,7 @@ jobs:
    if: github.repository == 'ohmyzsh/ohmyzsh'
    steps:
      - name: Harden the runner (Audit all outbound calls)
-        uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
+        uses: step-security/harden-runner@a90bcbc6539c36a85cdfeb73f7e2f433735f215b # v2.15.0
        with:
          egress-policy: audit

--- a/.github/workflows/project.yml
+++ b/.github/workflows/project.yml
@ -17,7 +17,7 @@ jobs:
    if: github.repository == 'ohmyzsh/ohmyzsh'
    steps:
      - name: Harden the runner (Audit all outbound calls)
-        uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
+        uses: step-security/harden-runner@a90bcbc6539c36a85cdfeb73f7e2f433735f215b # v2.15.0
        with:
          egress-policy: audit
      - name: Authenticate as @ohmyzsh
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@ -36,7 +36,7 @@ jobs:

    steps:
      - name: Harden the runner (Audit all outbound calls)
-        uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
+        uses: step-security/harden-runner@a90bcbc6539c36a85cdfeb73f7e2f433735f215b # v2.15.0
        with:
          egress-policy: audit