chore(deps): update step-security/harden-runner action to v2

[renovate]

This PR contains the following updates:

Package	Type	Update	Change
step-security/harden-runner	action	major	v1.5.0 -> v2.0.0

---

Release Notes

step-security/harden-runner

v2.0.0

Compare Source

Release v2.0.0

• Feature to disable sudo: Use disable-sudo: true to run job steps without sudo access on the GitHub-hosted runner. disable-sudo is false by default and needs to be opted-into. (documentation)
• File monitoring improvements: All source code files are monitored now for overwrite, instead of a few extensions. Instead of getting annotations for overwrites, you can also opt-in to getting email or Slack notifications if source code is overwritten. (documentation)
• Support for private repositories: Starting with Harder Runner v2.0.0, use of harden runner for private repositories will require a Team/ Enterprise license. Harder Runner GitHub Action is free for all public repositories.

What's Changed

• Update README.md by @​varunsh-coder in https://github.com/step-security/harden-runner/pull/187
• Bump step-security/harden-runner from 1.4.5 to 1.5.0 by @​dependabot in https://github.com/step-security/harden-runner/pull/188
• Bump github/codeql-action from 2.1.22 to 2.1.26 by @​dependabot in https://github.com/step-security/harden-runner/pull/189
• Add scorecard by @​varunsh-coder in https://github.com/step-security/harden-runner/pull/192
• Bump actions/checkout from 3.0.0 to 3.1.0 by @​dependabot in https://github.com/step-security/harden-runner/pull/198
• Bump github/codeql-action from 2.1.26 to 2.1.27 by @​dependabot in https://github.com/step-security/harden-runner/pull/197
• Bump actions/upload-artifact from 3.0.0 to 3.1.0 by @​dependabot in https://github.com/step-security/harden-runner/pull/194
• Bump ossf/scorecard-action from 2.0.4 to 2.0.6 by @​dependabot in https://github.com/step-security/harden-runner/pull/202
• Bump github/codeql-action from 2.1.27 to 2.1.28 by @​dependabot in https://github.com/step-security/harden-runner/pull/201
• Bump actions/upload-artifact from 3.1.0 to 3.1.1 by @​dependabot in https://github.com/step-security/harden-runner/pull/203
• Bump github/codeql-action from 2.1.28 to 2.1.29 by @​dependabot in https://github.com/step-security/harden-runner/pull/204
• Update README by @​varunsh-coder in https://github.com/step-security/harden-runner/pull/208

Full Changelog: step-security/harden-runner@v1...v2.0.0

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.

[sonarcloud]

Kudos, SonarCloud Quality Gate passed!   

0 Bugs
0 Vulnerabilities
0 Security Hotspots
0 Code Smells

No Coverage information
No Duplication information