build(deps): update github actions (#84)

renovate[bot] · web-flow · commit 7237fec07c8a · 2026-03-29T01:48:22.000Z
Signed-off-by: renovate[bot] &lt;29139614+renovate[bot]@users.noreply.github.com&gt;
Co-authored-by: renovate[bot] &lt;29139614+renovate[bot]@users.noreply.github.com&gt;
diff --git a/.github/workflows/mega-lint.yml b/.github/workflows/mega-lint.yml
@@ -49,7 +49,7 @@ jobs:
       MEGALINTER_CONFIG: ${{ inputs.megalinter-config }} # Use the input value
     steps:
       - name: Harden GitHub runner
-        uses: step-security/harden-runner@58077d3c7e43986b6b15fba718e8ea69e387dfcc # v2.15.1
+        uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
         with:
           egress-policy: ${{ inputs.egress-policy }}
     
@@ -73,6 +73,6 @@ jobs:
 
       - name: Upload MegaLinter scan results to GitHub Security tab
         if: success() || failure()
-        uses: github/codeql-action/upload-sarif@0d579ffd059c29b07949a3cce3983f0780820c98 # v4.32.6
+        uses: github/codeql-action/upload-sarif@38697555549f1db7851b81482ff19f1fa5c4fedc # v4.34.1
         with:
           sarif_file: "megalinter-reports/megalinter-report.sarif"
diff --git a/.github/workflows/openssf-scorecard.yml b/.github/workflows/openssf-scorecard.yml
@@ -54,7 +54,7 @@ jobs:
 
     steps:
       - name: Harden GitHub runner
-        uses: step-security/harden-runner@58077d3c7e43986b6b15fba718e8ea69e387dfcc # v2.15.1
+        uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
         with:
           egress-policy: ${{ inputs.egress-policy }}
       
@@ -82,6 +82,6 @@ jobs:
       # Upload the results to GitHub's code scanning dashboard (optional).
       # Commenting out will disable upload of results to your repo's Code Scanning dashboard
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@0d579ffd059c29b07949a3cce3983f0780820c98 # v4.32.6
+        uses: github/codeql-action/upload-sarif@38697555549f1db7851b81482ff19f1fa5c4fedc # v4.34.1
         with:
           sarif_file: results.sarif
diff --git a/.github/workflows/version-bump-changelog.yml b/.github/workflows/version-bump-changelog.yml
@@ -59,7 +59,7 @@ jobs:
       contents: write
     steps:
       - name: Harden GitHub runner
-        uses: step-security/harden-runner@58077d3c7e43986b6b15fba718e8ea69e387dfcc # v2.15.1
+        uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
         with:
           egress-policy: ${{ inputs.egress-policy }}
     
