chore(deps): update step-security/harden-runner action to v2.19.0 (main)

[renovate]

This PR contains the following updates:

Package	Type	Update	Change
step-security/harden-runner	action	minor	v2.18.0 → v2.19.0

---

Release Notes

step-security/harden-runner (step-security/harden-runner)

v2.19.0

Compare Source

What's Changed

New Runner Support

Harden-Runner now supports Depot, Blacksmith, Namespace, and WarpBuild runners with the same egress monitoring, runtime monitoring, and policy enforcement available on GitHub-hosted runners.

Automated Incident Response for Supply Chain Attacks

• Global block list: Outbound connections to known malicious domains and IPs are now blocked even in audit mode.
• System-defined detection rules: Harden-Runner will trigger lockdown mode when a high risk event is detected during an active supply chain attack (for example, a process reading the memory of the runner worker process, a common technique for stealing GitHub Actions secrets).

Bug Fixes

Windows and macOS: stability and reliability fixes

Full Changelog: step-security/harden-runner@v2.18.0...v2.19.0

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • At any time (no schedule defined)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[github-actions]

renovate[bot]
This pull request has been included in the following image tags:

ghcr.io/vexxhost/python-openstackclient:main
ghcr.io/vexxhost/python-openstackclient:latest
ghcr.io/vexxhost/python-openstackclient:ab1b122

Digest: ghcr.io/vexxhost/python-openstackclient@sha256:246eb15bcfd51b315f15c9e014b219a9baa64766160615ee42ed093a10fa32d3