🌱 Bump step-security/harden-runner from 2.1.0 to 2.2.0

[dependabot]

Bumps step-security/harden-runner from 2.1.0 to 2.2.0.

Release notes

Sourced from step-security/harden-runner's releases.

v2.2.0

What's Changed

• Release v2.2.0 by @​varunsh-coder in step-security/harden-runner#245
  1. Added functionality that allows for skipping Harden Runner installation if any errors arise during the installation process.
  2. Updated Harden-Runner GitHub Action to use the latest version of the Harden Runner agent, which resolves three issues:
     • Addressed a bug that allowed calls to direct IP addresses not included in the allowed list when executing code in a docker image.
     • Enhanced annotations to eliminate false positives, specifically not showing false positive calls to docker.io
     • Upgraded containerd dependency to a non-vulnerable version.
• Bump codecov/codecov-action from 2.1.0 to 3.1.1 by @​dependabot in step-security/harden-runner#233
• Bump step-security/harden-runner from 2.0.0 to 2.1.0 by @​dependabot in step-security/harden-runner#232
• Bump github/codeql-action from 2.1.37 to 2.1.38 by @​dependabot in step-security/harden-runner#229
• Update README.md by @​varunsh-coder in step-security/harden-runner#231

Full Changelog: step-security/harden-runner@v2...v2.2.0

Commits

• c8454ef Release v2.2.0 (#245)
• 8f144f8 Merge pull request #231 from step-security/varunsh-coder-patch-1
• 5dfad97 Merge pull request #229 from step-security/dependabot/github_actions/github/c...
• b696244 Merge pull request #232 from step-security/dependabot/github_actions/step-sec...
• 10aedff Merge pull request #233 from step-security/dependabot/github_actions/codecov/...
• 4660e36 Bump codecov/codecov-action from 2.1.0 to 3.1.1
• 6dc7d6a Bump step-security/harden-runner from 2.0.0 to 2.1.0
• 6519f4c Update README.md
• ce76875 Bump github/codeql-action from 2.1.37 to 2.1.38
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[codecov]

Codecov Report

Merging #1093 (880444f) into main (c59c116) will not change coverage.
The diff coverage is n/a.

Additional details and impacted files

@@           Coverage Diff           @@
##             main    #1093   +/-   ##
=======================================
  Coverage   62.94%   62.94%           
=======================================
  Files           4        4           
  Lines         251      251           
=======================================
  Hits          158      158           
  Misses         77       77           
  Partials       16       16           

[dependabot]

Superseded by #1104.