From aa5d650891832c39eefce42ec88bc3a0159911f9 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 16 Feb 2026 09:28:34 +0000
Subject: [PATCH] chore(deps): bump the actions-updates group with 2 updates

Bumps the actions-updates group with 2 updates: [step-security/harden-runner](https://github.com/step-security/harden-runner) and [astral-sh/setup-uv](https://github.com/astral-sh/setup-uv).


Updates `step-security/harden-runner` from 2.14.1 to 2.14.2
- [Release notes](https://github.com/step-security/harden-runner/releases)
- [Commits](https://github.com/step-security/harden-runner/compare/e3f713f2d8f53843e71c69a996d56f51aa9adfb9...5ef0c079ce82195b2a36a210272d6b661572d83e)

Updates `astral-sh/setup-uv` from 7.2.0 to 7.3.0
- [Release notes](https://github.com/astral-sh/setup-uv/releases)
- [Commits](https://github.com/astral-sh/setup-uv/compare/61cb8a9741eeb8a550a1b8544337180c0fc8476b...eac588ad8def6316056a12d4907a9d4d84ff7a3b)

---
updated-dependencies:
- dependency-name: step-security/harden-runner
  dependency-version: 2.14.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: actions-updates
- dependency-name: astral-sh/setup-uv
  dependency-version: 7.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions-updates
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 .github/workflows/ci-actions.yml | 4 ++--
 .github/workflows/ci-code.yml    | 6 +++---
 .github/workflows/codeql.yml     | 2 +-
 .github/workflows/publish.yml    | 2 +-
 .github/workflows/release.yml    | 2 +-
 5 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/.github/workflows/ci-actions.yml b/.github/workflows/ci-actions.yml
index d2f7a99..10ae00c 100644
--- a/.github/workflows/ci-actions.yml
+++ b/.github/workflows/ci-actions.yml
@@ -25,7 +25,7 @@ jobs:
       actions: read # Needed to analyze action metadata.
     steps:
     - name: harden runner
-      uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1
+      uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
       with:
         egress-policy: audit
 
@@ -35,7 +35,7 @@ jobs:
         persist-credentials: false
 
     - name: setup uv
-      uses: astral-sh/setup-uv@61cb8a9741eeb8a550a1b8544337180c0fc8476b # v7.2.0
+      uses: astral-sh/setup-uv@eac588ad8def6316056a12d4907a9d4d84ff7a3b # v7.3.0
 
     - name: zizmor
       run: uvx zizmor --pedantic --format sarif . > results.sarif
diff --git a/.github/workflows/ci-code.yml b/.github/workflows/ci-code.yml
index 5eb5cb1..02d301e 100644
--- a/.github/workflows/ci-code.yml
+++ b/.github/workflows/ci-code.yml
@@ -21,7 +21,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
     - name: harden runner
-      uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1
+      uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
       with:
         egress-policy: audit
 
@@ -51,7 +51,7 @@ jobs:
     name: 'build ${{ matrix.arch }}'
     steps:
     - name: harden runner
-      uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1
+      uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
       with:
         egress-policy: audit
 
@@ -80,7 +80,7 @@ jobs:
     name: 'clippy ${{ matrix.arch }}'
     steps:
     - name: harden runner
-      uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1
+      uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
       with:
         egress-policy: audit
 
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index f12f23b..c5d07c2 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -37,7 +37,7 @@ jobs:
           build-mode: none
     steps:
     - name: harden runner
-      uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1
+      uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
       with:
         egress-policy: audit
 
diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
index 38a2f02..2f892b8 100644
--- a/.github/workflows/publish.yml
+++ b/.github/workflows/publish.yml
@@ -25,7 +25,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
     - name: harden runner
-      uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1
+      uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
       with:
         egress-policy: audit
 
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 929c98a..2309d90 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -25,7 +25,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
     - name: harden runner
-      uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1
+      uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
       with:
         egress-policy: audit