Bump step-security/harden-runner from 2.10.1 to 2.10.2

[dependabot]

Bumps step-security/harden-runner from 2.10.1 to 2.10.2.

Release notes

Sourced from step-security/harden-runner's releases.

v2.10.2

What's Changed

1. Fixes low-severity command injection weaknesses The advisory is here: GHSA-g85v-wf27-67xc

2. Bug fix to improve detection of whether Harden-Runner is running in a container

Full Changelog: step-security/harden-runner@v2...v2.10.2

Commits

• 0080882 Merge pull request #476 from step-security/rc-16
• 4a3a88b Update dist
• 556aae6 Merge pull request #480 from h0x0er/jatin/cleanup
• 6c39b84 chore: clean the code
• 40401cf Update for isdocker
• 806ab1c Update check for isdocker
• 2846811 update dist
• df8a07c Merge pull request #475 from h0x0er/fix-execSync
• 30636fb bug fixes
• See full diff in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

Test Results

  7 files   53 suites   3m 58s ⏱️
185 tests 168 ✅ 17 💤 0 ❌
692 runs  624 ✅ 68 💤 0 ❌

Results for commit db2beeb.

♻️ This comment has been updated with latest results.

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 64.95%. Comparing base (5aff765) to head (db2beeb).
Report is 1 commits behind head on main.

Additional details and impacted files

@@           Coverage Diff           @@
##             main    #1863   +/-   ##
=======================================
  Coverage   64.95%   64.95%           
=======================================
  Files         163      163           
  Lines       34552    34552           
  Branches    20043    20043           
=======================================
  Hits        22442    22442           
- Misses       7954     7959    +5     
+ Partials     4156     4151    -5     

Flag	Coverage Δ
buildmgr-cov	73.94% <ø> (ø)
packchk-cov	65.65% <ø> (ø)
packgen-cov	77.87% <ø> (ø)
projmgr-cov	81.69% <ø> (ø)
svdconv-cov	40.23% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

see 2 files with indirect coverage changes

---- 🚨 Try these New Features:

• Flaky Tests Detection - Detect and resolve failed and flaky tests