chore(deps): update step-security/harden-runner action to v2.9.1

[renovate[bot]]

This PR contains the following updates:

Package	Type	Update	Change
step-security/harden-runner	action	patch	v2.9.0 -> v2.9.1

---

Release Notes

step-security/harden-runner (step-security/harden-runner)

### [`v2.9.1`](https://togithub.com/step-security/harden-runner/releases/tag/v2.9.1) [Compare Source](https://togithub.com/step-security/harden-runner/compare/v2.9.0...v2.9.1) ##### What's Changed Release v2.9.1 by [@​h0x0er](https://togithub.com/h0x0er) and [@​varunsh-coder](https://togithub.com/varunsh-coder) in [#​440](https://togithub.com/step-security/harden-runner/issues/440) This release includes two changes: 1. Updated markdown displayed in the job summary by the Harden-Runner Action. 2. Fixed a bug affecting Enterprise Tier customers where the agent attempted to upload telemetry for jobs with disable-telemetry set to true. No telemetry was uploaded as the endpoint was not in the allowed list. **Full Changelog**: https://github.com/step-security/harden-runner/compare/v2...v2.9.1

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• [ ] If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[github-actions[bot]]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Package	Version	Score	Details
actions/step-security/harden-runner	5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde	:green_circle: 8.8	Details Check Score Reason Binary-Artifacts :green_circle: 10 no binaries found in the repo Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration CI-Tests :green_circle: 10 14 out of 14 merged PRs checked by a CI test -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected Code-Review :green_circle: 10 all changesets reviewed Contributors :green_circle: 6 project has 2 contributing companies or organizations -- score normalized to 6 Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Dependency-Update-Tool :green_circle: 10 update tool detected Fuzzing :warning: 0 project is not fuzzed License :green_circle: 10 license file detected Maintained :green_circle: 10 30 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 10 Packaging :warning: -1 packaging workflow not detected Pinned-Dependencies :green_circle: 7 dependency not pinned by hash detected -- score normalized to 7 SAST :green_circle: 9 SAST tool detected but not run on all commits Security-Policy :green_circle: 10 security policy file detected Signed-Releases :warning: -1 no releases found Token-Permissions :green_circle: 10 GitHub workflow tokens follow principle of least privilege Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected

Scanned Manifest Files

.github/workflows/dependency-review.yml

• step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde
• step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c