From: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 26 Jan 2026 21:41:24 +0000 (+0000)
Subject: Chore: Bump step-security/harden-runner from 2.14.0 to 2.14.1
X-Git-Tag: 2026.02.20~14^2
X-Git-Url: https://gerrit.o-ran-sc.org/r/gitweb?a=commitdiff_plain;h=refs%2Fchanges%2F72%2F15472%2F1;p=it%2Fdep.git

Chore: Bump step-security/harden-runner from 2.14.0 to 2.14.1

Bumps step-security/harden-runner from 2.14.0 to 2.14.1.
## Release notes

Sourced from step-security/harden-runner's releases.

v2.14.1
What's Changed

In some self-hosted environments, the agent could briefly fall back to public DNS resolvers during startup if the system DNS was not yet available. This behavior was unintended for GitHub-hosted runners and has now been fixed to prevent any use of public DNS resolvers.

Fixed npm audit vulnerabilities

Full Changelog: https://github.com/step-security/harden-runner/compare/v2.14.0...v2.14.1

## Commits

e3f713f Merge pull request #631 from step-security/rc-31
423acdd chore: fix npm audit vulnerabilities
0ddb86c update agent
See full diff in compare view

![Dependabot compatibility score](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Issue-ID: CIMAN-33
Signed-off-by: dependabot[bot] <support@github.com>
Change-Id: I5809958ff96c48d3e912528033307cb6fe231c57
GitHub-PR: https://github.com/o-ran-sc/it-dep/pull/30
GitHub-Hash: 83393f7afeb5a61f
Signed-off-by: oran.gh2gerrit <releng+oran-gh2gerrit@linuxfoundation.org>
---

diff --git a/.github/workflows/gerrit-merge-itdep.yaml b/.github/workflows/gerrit-merge-itdep.yaml
index 5ee1aad6..8c7f22af 100644
--- a/.github/workflows/gerrit-merge-itdep.yaml
+++ b/.github/workflows/gerrit-merge-itdep.yaml
@@ -92,7 +92,7 @@ jobs:
     timeout-minutes: 20
     steps:
       # yamllint disable-line rule:line-length
-      - uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76  # v2.14.0
+      - uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9  # v2.14.1
         with:
           egress-policy: audit
 
diff --git a/.github/workflows/gerrit-merge-release-itdep.yaml b/.github/workflows/gerrit-merge-release-itdep.yaml
index c422de52..510e1c9e 100644
--- a/.github/workflows/gerrit-merge-release-itdep.yaml
+++ b/.github/workflows/gerrit-merge-release-itdep.yaml
@@ -38,7 +38,7 @@ jobs:
     timeout-minutes: 5
     steps:
       # yamllint disable-line rule:line-length
-      - uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76  # v2.14.0
+      - uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9  # v2.14.1
         with:
           egress-policy: audit
 
@@ -68,7 +68,7 @@ jobs:
     steps:
       # Harden the runner used by this workflow
       # yamllint disable-line rule:line-length
-      - uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76  # v2.14.0
+      - uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9  # v2.14.1
         with:
           egress-policy: 'audit'
 
@@ -110,7 +110,7 @@ jobs:
     timeout-minutes: 20
     steps:
       # yamllint disable-line rule:line-length
-      - uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76  # v2.14.0
+      - uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9  # v2.14.1
         with:
           egress-policy: audit
 
diff --git a/.github/workflows/gerrit-verify-itdep.yaml b/.github/workflows/gerrit-verify-itdep.yaml
index a4ee79d7..137fa2bc 100644
--- a/.github/workflows/gerrit-verify-itdep.yaml
+++ b/.github/workflows/gerrit-verify-itdep.yaml
@@ -104,7 +104,7 @@ jobs:
     timeout-minutes: 15
     steps:
       # yamllint disable-line rule:line-length
-      - uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76  # v2.14.0
+      - uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9  # v2.14.1
         with:
           egress-policy: audit
 
diff --git a/.github/workflows/github2gerrit.yaml b/.github/workflows/github2gerrit.yaml
index cf40ec23..6b16311a 100644
--- a/.github/workflows/github2gerrit.yaml
+++ b/.github/workflows/github2gerrit.yaml
@@ -41,7 +41,7 @@ jobs:
     steps:
       # Harden the runner used by this workflow
       # yamllint disable-line rule:line-length
-      - uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76  # v2.14.0
+      - uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9  # v2.14.1
         name: 'Harden runner'
         with:
           egress-policy: audit