build(deps): bump the actions-deps group with 3 updates

[dependabot]

Bumps the actions-deps group with 3 updates: step-security/harden-runner, actions/checkout and taiki-e/install-action.

Updates step-security/harden-runner from 2.13.1 to 2.13.2

Release notes

Sourced from step-security/harden-runner's releases.

v2.13.2

What's Changed

• Fixed an issue where there was a limit of 512 allowed endpoints when using block egress policy. This restriction has been removed, allowing for an unlimited number of endpoints to be configured.
• Harden Runner now automatically detects if the agent is already pre-installed on a custom VM image used by a GitHub-hosted runner. When detected, the action will skip reinstallation and use the existing agent.

Full Changelog: step-security/harden-runner@v2.13.1...v2.13.2

Commits

• 95d9a5d Merge pull request #606 from step-security/rc-28
• 87e429d Update limitations.md
• ef891c3 feat: add support for custom vm image
• 1fa8c8a update agent
• 92c522a Merge pull request #593 from step-security/ak-readme-updates
• 4719ad5 README updates
• 4fde639 Merge pull request #591 from eromosele-stepsecurity/Upd
• f682f2f Update README.md
• See full diff in compare view

Updates actions/checkout from ff7abcd0c3c05ccf6adc123a8cd1fd4fb30fb493 to 71cf2267d89c5cb81562390fa70a37fa40b1305e

Changelog

Sourced from actions/checkout's changelog.

Changelog

V5.0.0

• Update actions checkout to use node 24 by @​salmanmkc in actions/checkout#2226

V4.3.0

• docs: update README.md by @​motss in actions/checkout#1971
• Add internal repos for checking out multiple repositories by @​mouismail in actions/checkout#1977
• Documentation update - add recommended permissions to Readme by @​benwells in actions/checkout#2043
• Adjust positioning of user email note and permissions heading by @​joshmgross in actions/checkout#2044
• Update README.md by @​nebuk89 in actions/checkout#2194
• Update CODEOWNERS for actions by @​TingluoHuang in actions/checkout#2224
• Update package dependencies by @​salmanmkc in actions/checkout#2236

v4.2.2

• url-helper.ts now leverages well-known environment variables by @​jww3 in actions/checkout#1941
• Expand unit test coverage for isGhes by @​jww3 in actions/checkout#1946

v4.2.1

• Check out other refs/* by commit if provided, fall back to ref by @​orhantoy in actions/checkout#1924

v4.2.0

• Add Ref and Commit outputs by @​lucacome in actions/checkout#1180
• Dependency updates by @​dependabot- actions/checkout#1777, actions/checkout#1872

v4.1.7

• Bump the minor-npm-dependencies group across 1 directory with 4 updates by @​dependabot in actions/checkout#1739
• Bump actions/checkout from 3 to 4 by @​dependabot in actions/checkout#1697
• Check out other refs/* by commit by @​orhantoy in actions/checkout#1774
• Pin actions/checkout's own workflows to a known, good, stable version. by @​jww3 in actions/checkout#1776

v4.1.6

• Check platform to set archive extension appropriately by @​cory-miller in actions/checkout#1732

v4.1.5

• Update NPM dependencies by @​cory-miller in actions/checkout#1703
• Bump github/codeql-action from 2 to 3 by @​dependabot in actions/checkout#1694
• Bump actions/setup-node from 1 to 4 by @​dependabot in actions/checkout#1696
• Bump actions/upload-artifact from 2 to 4 by @​dependabot in actions/checkout#1695
• README: Suggest user.email to be 41898282+github-actions[bot]@users.noreply.github.com by @​cory-miller in actions/checkout#1707

v4.1.4

• Disable extensions.worktreeConfig when disabling sparse-checkout by @​jww3 in actions/checkout#1692
• Add dependabot config by @​cory-miller in actions/checkout#1688
• Bump the minor-actions-dependencies group with 2 updates by @​dependabot in actions/checkout#1693
• Bump word-wrap from 1.2.3 to 1.2.5 by @​dependabot in actions/checkout#1643

v4.1.3

... (truncated)

Commits

• 71cf226 v6-beta (#2298)
• 069c695 Persist creds to a separate file (#2286)
• See full diff in compare view

Updates taiki-e/install-action from 2.62.45 to 2.62.49

Release notes

Sourced from taiki-e/install-action's releases.

2.62.49

• Update cargo-binstall@latest to 1.15.11.

• Update cargo-auditable@latest to 0.7.2.

• Update vacuum@latest to 0.20.2.

2.62.48

• Update mise@latest to 2025.11.3.

• Update cargo-audit@latest to 0.22.0.

• Update vacuum@latest to 0.20.1.

• Update uv@latest to 0.9.8.

• Update cargo-udeps@latest to 0.1.60.

• Update zizmor@latest to 1.16.3.

2.62.47

• Update vacuum@latest to 0.20.0.

• Update cargo-nextest@latest to 0.9.111.

• Update cargo-shear@latest to 1.6.2.

2.62.46

• Update vacuum@latest to 0.19.5.

• Update syft@latest to 1.37.0.

• Update mise@latest to 2025.11.2.

• Update knope@latest to 0.21.5.

Changelog

Sourced from taiki-e/install-action's changelog.

Changelog

All notable changes to this project will be documented in this file.

This project adheres to Semantic Versioning.

[Unreleased]

[2.62.49] - 2025-11-09

• Update cargo-binstall@latest to 1.15.11.

• Update cargo-auditable@latest to 0.7.2.

• Update vacuum@latest to 0.20.2.

[2.62.48] - 2025-11-08

• Update mise@latest to 2025.11.3.

• Update cargo-audit@latest to 0.22.0.

• Update vacuum@latest to 0.20.1.

• Update uv@latest to 0.9.8.

• Update cargo-udeps@latest to 0.1.60.

• Update zizmor@latest to 1.16.3.

[2.62.47] - 2025-11-05

• Update vacuum@latest to 0.20.0.

• Update cargo-nextest@latest to 0.9.111.

• Update cargo-shear@latest to 1.6.2.

[2.62.46] - 2025-11-04

• Update vacuum@latest to 0.19.5.

• Update syft@latest to 1.37.0.

• Update mise@latest to 2025.11.2.

... (truncated)

Commits

• 44c6d64 Release 2.62.49
• 3a701df Update cargo-binstall@latest to 1.15.11
• 4242e04 Update cargo-auditable@latest to 0.7.2
• 3df5533 Update vacuum@latest to 0.20.2
• e797ba6 Release 2.62.48
• bcf91e0 Update mise@latest to 2025.11.3
• e78113b Update cargo-audit@latest to 0.22.0
• 0ef4864 Update vacuum@latest to 0.20.1
• 5eda7b1 Update uv@latest to 0.9.8
• 3853a41 Update cargo-udeps@latest to 0.1.60
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions