build(deps): Bump step-security/harden-runner from 2.9.0 to 2.9.1

[dependabot]

Bumps step-security/harden-runner from 2.9.0 to 2.9.1.

Release notes

Sourced from step-security/harden-runner's releases.

v2.9.1

What's Changed

Release v2.9.1 by @​h0x0er and @​varunsh-coder in #440 This release includes two changes:

1. Updated markdown displayed in the job summary by the Harden-Runner Action.
2. Fixed a bug affecting Enterprise Tier customers where the agent attempted to upload telemetry for jobs with disable-telemetry set to true. No telemetry was uploaded as the endpoint was not in the allowed list.

Full Changelog: step-security/harden-runner@v2...v2.9.1

Commits

• 5c7944e Merge pull request #440 from step-security/rc-11
• c79be45 Merge branch 'main' into rc-11
• deb3383 Merge pull request #446 from h0x0er/log-step
• 23c8215 update dist
• 727d06a logging step
• f0db2aa Merge pull request #441 from step-security/dependabot/github_actions/github/c...
• 1938ffc Merge branch 'main' into dependabot/github_actions/github/codeql-action-3.25.13
• 8e7dd2c Merge pull request #442 from step-security/dependabot/github_actions/step-sec...
• f2823ee Bump step-security/publish-unit-test-result-action from 1 to 2
• 5f95e05 Bump github/codeql-action from 2.13.4 to 3.25.13
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot will merge this PR once CI passes on it, as requested by @jeromy-cannon.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

Test Results

  15 files  ±0    75 suites  ±0   7m 30s ⏱️ +24s
242 tests  - 8  234 ✔️  - 8  7 💤 ±0  1 ❌ ±0 
260 runs  +1  251 ✔️ +1  8 💤 ±0  1 ❌ ±0 

For more details on these failures, see this check.

Results for commit 177c8b2. ± Comparison against base commit 39c9ed7.

This pull request removes 13 and adds 5 tests. Note that renamed tests count towards both.

should NOT be able to use transferFrom on NFT tokens without approval ‑ TokenTransferContract Test Suite should NOT be able to use transferFrom on NFT tokens without approval
should NOT be able to use transferFrom on fungible tokens without approval ‑ TokenTransferContract Test Suite should NOT be able to use transferFrom on fungible tokens without approval
should be able to execute cryptoTransfer for hbar transfer only ‑ TokenTransferContract Test Suite should be able to execute cryptoTransfer for hbar transfer only
should be able to execute cryptoTransfer for nft only ‑ TokenTransferContract Test Suite should be able to execute cryptoTransfer for nft only
should be able to execute cryptoTransfer with both 3 txs ‑ TokenTransferContract Test Suite should be able to execute cryptoTransfer with both 3 txs
should be able to execute getApproved ‑ TokenTransferContract Test Suite should be able to execute getApproved
should be able to execute transferNFT ‑ TokenTransferContract Test Suite should be able to execute transferNFT
should be able to execute transferNFTs ‑ TokenTransferContract Test Suite should be able to execute transferNFTs
should be able to execute transferToken ‑ TokenTransferContract Test Suite should be able to execute transferToken
should be able to execute transferTokens ‑ TokenTransferContract Test Suite should be able to execute transferTokens
…

"before all" hook for "should NOT be able to use transferFrom on fungible tokens without approval" ‑ TokenTransferContract Test Suite "before all" hook for "should NOT be able to use transferFrom on fungible tokens without approval"
should be able to get Non fungible token info ‑ SafeHTS library Test Suite should be able to get Non fungible token info
should be able to get fungible token info ‑ SafeHTS library Test Suite should be able to get fungible token info
should be able to get token info ‑ SafeHTS library Test Suite should be able to get token info
should be able to transfer tokens and hbars atomically ‑ SafeHTS library Test Suite should be able to transfer tokens and hbars atomically

[jeromy-cannon]

@dependabot squash and merge

[dependabot]

One of your CI runs failed on this pull request, so Dependabot won't merge it.

Dependabot will still automatically merge this pull request if you amend it and your tests pass.