chore(deps): update all non-major dependencies

[renovate-bot]

This PR contains the following updates:

Package	Type	Update	Change
actions/dependency-review-action	action	patch	v4.3.3 -> v4.3.4
actions/setup-go	action	patch	v5.0.1 -> v5.0.2
actions/setup-python	action	patch	v5.1.0 -> v5.1.1
github/codeql-action	action	patch	v3.25.10 -> v3.25.15
ossf/scorecard-action	action	minor	v2.3.3 -> v2.4.0
step-security/harden-runner	action	minor	v2.8.1 -> v2.9.0

---

Release Notes

actions/dependency-review-action (actions/dependency-review-action)

v4.3.4

Compare Source

What's Changed

• Include all added dependencies in scorecard entries by @​elireisman in https://github.com/actions/dependency-review-action/pull/783
• Update SPDX Expression Parsing by @​febuiles in https://github.com/actions/dependency-review-action/pull/719
  • This PR is a significant refactor of SPDX expression parsing that may fix some bugs, but unfortunately there are several related known issues that remain unresolved as of this version.

Full Changelog: actions/dependency-review-action@v4.3.3...v4.3.4

actions/setup-go (actions/setup-go)

v5.0.2

Compare Source

actions/setup-python (actions/setup-python)

v5.1.1

Compare Source

What's Changed

Bug fixes:

• fix(ci): update all failing workflows by @​mayeut in https://github.com/actions/setup-python/pull/863
  This update ensures compatibility and optimal performance of workflows on the latest macOS version.

Documentation changes:

• Documentation update for cache by @​gowridurgad in https://github.com/actions/setup-python/pull/873

Dependency updates:

• Bump braces from 3.0.2 to 3.0.3 and undici from 5.28.3 to 5.28.4 by @​dependabot in https://github.com/actions/setup-python/pull/893

New Contributors

• @​gowridurgad made their first contribution in https://github.com/actions/setup-python/pull/873

Full Changelog: actions/setup-python@v5...v5.1.1

github/codeql-action (github/codeql-action)

v3.25.15

Compare Source

v3.25.14

Compare Source

v3.25.13

Compare Source

v3.25.12

Compare Source

v3.25.11

Compare Source

ossf/scorecard-action (ossf/scorecard-action)

v2.4.0

Compare Source

step-security/harden-runner (step-security/harden-runner)

v2.9.0

Compare Source

What's Changed

Release v2.9.0 by @​h0x0er and @​varunsh-coder in https://github.com/step-security/harden-runner/pull/435
This release includes:

• Enterprise Tier - Telemetry Upload Enhancement:
  For the enterprise tier, this change helps overcome size constraints, allowing for more reliable telemetry uploads from the Harden-Runner agent to the StepSecurity backend API. No configuration change is needed to enable this.
• Harden-Runner Agent Authentication:
  The Harden-Runner agent now uses a per-job key to authenticate to the StepSecurity backend API to submit telemetry. This change prevents the submission of telemetry data anonymously for a given job, improving the integrity of the data collection process. No configuration change is needed to enable this.
• README Update:
  A Table of Contents has been added to the README file to improve navigation. This makes it easier for users to find the information they need quickly.
• Dependency Update:
  Updated the braces npm package dependency to a non-vulnerable version. The vulnerability in braces did not affect the Harden Runner Action

Full Changelog: step-security/harden-runner@v2...v2.9.0

---

Configuration

📅 Schedule: Branch creation - "before 4am on the first day of the month" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.