From 94a41119ae8603062fd2aeefc55de8f3c0bfdfc8 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Wed, 10 Dec 2025 12:12:22 +0000
Subject: [PATCH] Bump the actions group with 2 updates

Bumps the actions group with 2 updates: [step-security/harden-runner](https://github.com/step-security/harden-runner) and [codecov/codecov-action](https://github.com/codecov/codecov-action).


Updates `step-security/harden-runner` from 2.13.3 to 2.14.0
- [Release notes](https://github.com/step-security/harden-runner/releases)
- [Commits](https://github.com/step-security/harden-runner/compare/df199fb7be9f65074067a9eb93f12bb4c5547cf2...20cf305ff2072d973412fa9b1e3a4f227bda3c76)

Updates `codecov/codecov-action` from 5.5.1 to 5.5.2
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/codecov/codecov-action/compare/5a1091511ad55cbe89839c7260b706298ca349f7...671740ac38dd9b0130fbe1cec585b89eea48d3de)

---
updated-dependencies:
- dependency-name: step-security/harden-runner
  dependency-version: 2.14.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions
- dependency-name: codecov/codecov-action
  dependency-version: 5.5.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: actions
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 .github/workflows/cache-cleaner.yml      | 2 +-
 .github/workflows/codeql.yml             | 2 +-
 .github/workflows/dependency-review.yml  | 2 +-
 .github/workflows/first-pull-request.yml | 2 +-
 .github/workflows/label-on-approval.yml  | 4 ++--
 .github/workflows/label.yml              | 2 +-
 .github/workflows/publish-pypi.yml       | 2 +-
 .github/workflows/scorecard.yml          | 2 +-
 .github/workflows/testing-suite.yml      | 2 +-
 .github/workflows/workflow-warning.yml   | 2 +-
 10 files changed, 11 insertions(+), 11 deletions(-)

diff --git a/.github/workflows/cache-cleaner.yml b/.github/workflows/cache-cleaner.yml
index 57ba96dc..fff25740 100644
--- a/.github/workflows/cache-cleaner.yml
+++ b/.github/workflows/cache-cleaner.yml
@@ -16,7 +16,7 @@ jobs:
       actions: write
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@df199fb7be9f65074067a9eb93f12bb4c5547cf2 # v2.13.3
+        uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
         with:
           disable-sudo: true
           egress-policy: block
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index ad582d42..f90aba40 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -40,7 +40,7 @@ jobs:
           - 'python'
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@df199fb7be9f65074067a9eb93f12bb4c5547cf2 # v2.13.3
+        uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
         with:
           disable-sudo: true
           egress-policy: block
diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml
index be63aab4..954713ff 100644
--- a/.github/workflows/dependency-review.yml
+++ b/.github/workflows/dependency-review.yml
@@ -20,7 +20,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@df199fb7be9f65074067a9eb93f12bb4c5547cf2 # v2.13.3
+        uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
         with:
           disable-sudo: true
           egress-policy: block
diff --git a/.github/workflows/first-pull-request.yml b/.github/workflows/first-pull-request.yml
index a0235cdc..5fc7eacf 100644
--- a/.github/workflows/first-pull-request.yml
+++ b/.github/workflows/first-pull-request.yml
@@ -18,7 +18,7 @@ jobs:
       pull-requests: write
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@df199fb7be9f65074067a9eb93f12bb4c5547cf2 # v2.13.3
+        uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
         with:
           disable-sudo: true
           egress-policy: block
diff --git a/.github/workflows/label-on-approval.yml b/.github/workflows/label-on-approval.yml
index 4b617aed..674199d5 100644
--- a/.github/workflows/label-on-approval.yml
+++ b/.github/workflows/label-on-approval.yml
@@ -27,7 +27,7 @@ jobs:
       pull-requests: write
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@df199fb7be9f65074067a9eb93f12bb4c5547cf2 # v2.13.3
+        uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
         with:
           disable-sudo: true
           egress-policy: block
@@ -57,7 +57,7 @@ jobs:
       pull-requests: write
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@df199fb7be9f65074067a9eb93f12bb4c5547cf2 # v2.13.3
+        uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
         with:
           disable-sudo: true
           egress-policy: block
diff --git a/.github/workflows/label.yml b/.github/workflows/label.yml
index 854e818f..b656b230 100644
--- a/.github/workflows/label.yml
+++ b/.github/workflows/label.yml
@@ -31,7 +31,7 @@ jobs:
       pull-requests: write
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@df199fb7be9f65074067a9eb93f12bb4c5547cf2 # v2.13.3
+        uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
         with:
           disable-sudo: true
           egress-policy: block
diff --git a/.github/workflows/publish-pypi.yml b/.github/workflows/publish-pypi.yml
index 3594955f..dd88ea01 100644
--- a/.github/workflows/publish-pypi.yml
+++ b/.github/workflows/publish-pypi.yml
@@ -19,7 +19,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@df199fb7be9f65074067a9eb93f12bb4c5547cf2 # v2.13.3
+        uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
         with:
           disable-sudo: true
           egress-policy: block
diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
index 640f57db..5e5631b4 100644
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@@ -33,7 +33,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@df199fb7be9f65074067a9eb93f12bb4c5547cf2 # v2.13.3
+        uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
         with:
           egress-policy: audit
 
diff --git a/.github/workflows/testing-suite.yml b/.github/workflows/testing-suite.yml
index 24878a1d..41ba2eb5 100644
--- a/.github/workflows/testing-suite.yml
+++ b/.github/workflows/testing-suite.yml
@@ -76,7 +76,7 @@ jobs:
 
       - name: Upload code coverage to Codecov
         if: github.ref == 'refs/heads/main'
-        uses: codecov/codecov-action@5a1091511ad55cbe89839c7260b706298ca349f7 # v5.5.1
+        uses: codecov/codecov-action@671740ac38dd9b0130fbe1cec585b89eea48d3de # v5.5.2
         with:
           files: ./coverage.xml
           flags: unittests
diff --git a/.github/workflows/workflow-warning.yml b/.github/workflows/workflow-warning.yml
index 5dae8414..3e227037 100644
--- a/.github/workflows/workflow-warning.yml
+++ b/.github/workflows/workflow-warning.yml
@@ -27,7 +27,7 @@ jobs:
       pull-requests: write
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@df199fb7be9f65074067a9eb93f12bb4c5547cf2 # v2.13.3
+        uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
         with:
           disable-sudo: true
           egress-policy: block