From 155314e1b9d5985ddb4b11d9c8eeb0ce4bff9edb Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 9 Feb 2026 23:09:40 +0000
Subject: [PATCH] Chore: Bump step-security/harden-runner from 2.14.1 to 2.14.2

Bumps step-security/harden-runner from 2.14.1 to 2.14.2.
## Release notes

Sourced from step-security/harden-runner's releases.

v2.14.2
What's Changed
Security fix: Fixed a medium severity vulnerability where outbound network connections using sendto, sendmsg, and sendmmsg socket system calls could bypass audit logging when using egress-policy: audit. This issue only affects the Community Tier in audit mode; block mode and Enterprise Tier were not affected. See GHSA-cpmj-h4f6-r6pq for details.
Full Changelog: https://github.com/step-security/harden-runner/compare/v2.14.1...v2.14.2

## Commits

5ef0c07 Merge pull request #635 from step-security/rc-34
eb43c7b update agent
See full diff in compare view

![Dependabot compatibility score](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Issue-ID: CIMAN-33
Signed-off-by: dependabot[bot] <support@github.com>
Change-Id: Ib565b2e6b40e5d95366215c6a97b5b4aae6fdabd
GitHub-PR: https://github.com/o-ran-sc/it-dep/pull/33
GitHub-Hash: e5c73ab07ee472a8
Signed-off-by: oran.gh2gerrit <releng+oran-gh2gerrit@linuxfoundation.org>
---
 .github/workflows/gerrit-merge-itdep.yaml         | 2 +-
 .github/workflows/gerrit-merge-release-itdep.yaml | 6 +++---
 .github/workflows/gerrit-verify-itdep.yaml        | 2 +-
 .github/workflows/github2gerrit.yaml              | 2 +-
 4 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/.github/workflows/gerrit-merge-itdep.yaml b/.github/workflows/gerrit-merge-itdep.yaml
index 8c7f22af..0ccef156 100644
--- a/.github/workflows/gerrit-merge-itdep.yaml
+++ b/.github/workflows/gerrit-merge-itdep.yaml
@@ -92,7 +92,7 @@ jobs:
     timeout-minutes: 20
     steps:
       # yamllint disable-line rule:line-length
-      - uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9  # v2.14.1
+      - uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e  # v2.14.2
         with:
           egress-policy: audit
 
diff --git a/.github/workflows/gerrit-merge-release-itdep.yaml b/.github/workflows/gerrit-merge-release-itdep.yaml
index 2dbd5d3e..dda3fb55 100644
--- a/.github/workflows/gerrit-merge-release-itdep.yaml
+++ b/.github/workflows/gerrit-merge-release-itdep.yaml
@@ -38,7 +38,7 @@ jobs:
     timeout-minutes: 5
     steps:
       # yamllint disable-line rule:line-length
-      - uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9  # v2.14.1
+      - uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e  # v2.14.2
         with:
           egress-policy: audit
 
@@ -68,7 +68,7 @@ jobs:
     steps:
       # Harden the runner used by this workflow
       # yamllint disable-line rule:line-length
-      - uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9  # v2.14.1
+      - uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e  # v2.14.2
         with:
           egress-policy: 'audit'
 
@@ -110,7 +110,7 @@ jobs:
     timeout-minutes: 20
     steps:
       # yamllint disable-line rule:line-length
-      - uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9  # v2.14.1
+      - uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e  # v2.14.2
         with:
           egress-policy: audit
 
diff --git a/.github/workflows/gerrit-verify-itdep.yaml b/.github/workflows/gerrit-verify-itdep.yaml
index 137fa2bc..fb542c64 100644
--- a/.github/workflows/gerrit-verify-itdep.yaml
+++ b/.github/workflows/gerrit-verify-itdep.yaml
@@ -104,7 +104,7 @@ jobs:
     timeout-minutes: 15
     steps:
       # yamllint disable-line rule:line-length
-      - uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9  # v2.14.1
+      - uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e  # v2.14.2
         with:
           egress-policy: audit
 
diff --git a/.github/workflows/github2gerrit.yaml b/.github/workflows/github2gerrit.yaml
index fe1ad678..2b4f0c7c 100644
--- a/.github/workflows/github2gerrit.yaml
+++ b/.github/workflows/github2gerrit.yaml
@@ -41,7 +41,7 @@ jobs:
     steps:
       # Harden the runner used by this workflow
       # yamllint disable-line rule:line-length
-      - uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9  # v2.14.1
+      - uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e  # v2.14.2
         name: 'Harden runner'
         with:
           egress-policy: audit
-- 
2.16.6