build(deps): bump step-security/harden-runner from 2.8.1 to 2.11.0 (#1102)

Bumps
[step-security/harden-runner](https://github.com/step-security/harden-runner)
from 2.8.1 to 2.11.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's
releases</a>.</em></p>
<blockquote>
<h2>v2.11.0</h2>
<h2>What's Changed</h2>
<p>Release v2.11.0 in <a
href="https://redirect.github.com/step-security/harden-runner/issues/498">#498</a>
Harden-Runner Enterprise tier now supports the use of eBPF for DNS
resolution and network call monitoring</p>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/step-security/harden-runner/compare/v2...v2.11.0">https://github.com/step-security/harden-runner/compare/v2...v2.11.0</a></p>
<h2>v2.10.4</h2>
<h2>What's Changed</h2>
<p>Fixed a potential Harden-Runner post step failure that could occur
when printing agent service logs. The fix gracefully handles failures
without failing the post step.</p>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/step-security/harden-runner/compare/v2...v2.10.4">https://github.com/step-security/harden-runner/compare/v2...v2.10.4</a></p>
<h2>v2.10.3</h2>
<h2>What's Changed</h2>
<p>Fixed an issue where DNS requests using uppercase characters (e.g.,
EXAMPLE.com) were blocked even when the domain was present in the
allowed list. This update standardizes domain names to lowercase for
consistent comparison.</p>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/step-security/harden-runner/compare/v2...v2.10.3">https://github.com/step-security/harden-runner/compare/v2...v2.10.3</a></p>
<h2>v2.10.2</h2>
<h2>What's Changed</h2>
<ol>
<li>
<p>Fixes low-severity command injection weaknesses
The advisory is here: <a
href="https://github.com/step-security/harden-runner/security/advisories/GHSA-g85v-wf27-67xc">https://github.com/step-security/harden-runner/security/advisories/GHSA-g85v-wf27-67xc</a></p>
</li>
<li>
<p>Bug fix to improve detection of whether Harden-Runner is running in a
container</p>
</li>
</ol>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/step-security/harden-runner/compare/v2...v2.10.2">https://github.com/step-security/harden-runner/compare/v2...v2.10.2</a></p>
<h2>v2.10.1</h2>
<h2>What's Changed</h2>
<p>Release v2.10.1 by <a
href="https://github.com/varunsh-coder"><code>@​varunsh-coder</code></a>
in <a
href="https://redirect.github.com/step-security/harden-runner/pull/463">step-security/harden-runner#463</a>
Bug fix: Resolves an issue where DNS resolution of .local domains was
failing when using a Kind cluster in a GitHub Actions workflow.</p>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/step-security/harden-runner/compare/v2...v2.10.1">https://github.com/step-security/harden-runner/compare/v2...v2.10.1</a></p>
<h2>v2.10.0</h2>
<h2>What's Changed</h2>
<p>Release v2.10.0 by <a
href="https://github.com/h0x0er"><code>@​h0x0er</code></a> and <a
href="https://github.com/varunsh-coder"><code>@​varunsh-coder</code></a>
in <a
href="https://redirect.github.com/step-security/harden-runner/pull/455">step-security/harden-runner#455</a></p>
<p><strong>ARM Support</strong>: Harden-Runner Enterprise tier now
supports GitHub-hosted ARM runners. This includes all the features that
apply to previously supported GitHub-hosted x64 Linux runners.</p>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/step-security/harden-runner/compare/v2...v2.10.0">https://github.com/step-security/harden-runner/compare/v2...v2.10.0</a></p>
<h2>v2.9.1</h2>
<h2>What's Changed</h2>
<p>Release v2.9.1 by <a
href="https://github.com/h0x0er"><code>@​h0x0er</code></a> and <a
href="https://github.com/varunsh-coder"><code>@​varunsh-coder</code></a>
in <a
href="https://redirect.github.com/step-security/harden-runner/issues/440">#440</a>
This release includes two changes:</p>
<ol>
<li>Updated markdown displayed in the job summary by the Harden-Runner
Action.</li>
<li>Fixed a bug affecting Enterprise Tier customers where the agent
attempted to upload telemetry for jobs with disable-telemetry set to
true. No telemetry was uploaded as the endpoint was not in the allowed
list.</li>
</ol>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/step-security/harden-runner/commit/4d991eb9b905ef189e4c376166672c3f2f230481"><code>4d991eb</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/498">#498</a>
from step-security/rc-18</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/4ea872f89714b83576609e6f89476dfb114a6246"><code>4ea872f</code></a>
Update README.md</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/65d6f6e4ee070283fc8739e8d8295eb6c554029a"><code>65d6f6e</code></a>
Add workflows</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/1034c9a80544b55a7706ed377ea64ded8b0c7ea4"><code>1034c9a</code></a>
Update package-lock.json</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/ab221e2d7a450f54fde8ccb211cea73c5bcf1e2a"><code>ab221e2</code></a>
Update agent</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/7cb6c2fb524eafc78ce834c51af420c289690789"><code>7cb6c2f</code></a>
Update agent</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/cb605e52c26070c328afc4562f0b4ada7618a84e"><code>cb605e5</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/496">#496</a>
from step-security/fix-enobufs</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/61144dda3ba7a45a4e879e99c548ff785b492364"><code>61144dd</code></a>
Update log statement</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/b8be370ff4fa3a7b5d97afe5cbb1921a734fffcc"><code>b8be370</code></a>
Add try catch block</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/6f6fa07e47155133e69ca8a751aad4ff01a292b1"><code>6f6fa07</code></a>
Fix ENOBUFS issue</li>
<li>Additional commits viewable in <a
href="https://github.com/step-security/harden-runner/compare/v2.8.1...4d991eb9b905ef189e4c376166672c3f2f230481">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=step-security/harden-runner&package-manager=github_actions&previous-version=2.8.1&new-version=2.11.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Author: dependabot[bot]

.github/workflows/afxdp_build.yml

@@ -47,7 +47,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
+        uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
         with:
           egress-policy: audit
 

.github/workflows/afxdp_build_with_gtest.yml

@@ -48,7 +48,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
+        uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
         with:
           egress-policy: audit
 
@@ -96,7 +96,7 @@ jobs:
       INTERFACE_R: enp8s0np0
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
+        uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
         with:
           egress-policy: audit
 

.github/workflows/centos_build.yml

@@ -43,7 +43,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
+        uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
         with:
           egress-policy: audit
 

.github/workflows/codeql.yml

@@ -42,7 +42,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
+        uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
         with:
           egress-policy: audit
 

.github/workflows/coverity.yml

@@ -20,7 +20,7 @@ jobs:
     timeout-minutes: 90
     steps:
     - name: 'Harden Runner'
-      uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
+      uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
       with:
         egress-policy: audit
 

.github/workflows/dependency-review.yml

@@ -17,7 +17,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
+        uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
         with:
           egress-policy: audit
 

.github/workflows/dpdk_patches_build.yml

@@ -47,7 +47,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
+        uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
         with:
           egress-policy: audit
 

.github/workflows/ecosystem.yml

@@ -41,7 +41,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
+        uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
         with:
           egress-policy: audit
 

.github/workflows/ffmpeg_plugin.yml

@@ -43,7 +43,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
+        uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
         with:
           egress-policy: audit
 

.github/workflows/github_pages_update.yml

@@ -29,7 +29,7 @@ jobs:
     timeout-minutes: 20
     steps:
       - name: Secure the runner
-        uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
+        uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
         with:
           egress-policy: audit