Bump step-security/harden-runner from 2.8.1 to 2.9.0 in the all group (…

…chainguard-dev#373)

Bumps the all group with 1 update: [step-security/harden-runner](https://github.com/step-security/harden-runner).


Updates `step-security/harden-runner` from 2.8.1 to 2.9.0
- [Release notes](https://github.com/step-security/harden-runner/releases)
- [Commits](step-security/harden-runner@17d0e2b...0d38121)

---
updated-dependencies:
- dependency-name: step-security/harden-runner
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Evan Gibler <20933572+egibs@users.noreply.github.com>

.github/workflows/go-tests.yaml

@@ -19,7 +19,7 @@ jobs:
       contents: read
 
     steps:
-      - uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
+      - uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0
         with:
           egress-policy: audit
 

.github/workflows/release.yaml

@@ -15,7 +15,7 @@ jobs:
     if: ${{ github.repository }} == 'chainguard-dev/bincapz'
     runs-on: ubuntu-latest
     steps:
-    - uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6
+    - uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c
       with:
         egress-policy: audit
     - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332

.github/workflows/version.yaml

@@ -21,7 +21,7 @@ jobs:
     if: ${{ github.repository }} == 'chainguard-dev/bincapz'
     runs-on: ubuntu-latest
     steps:
-    - uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6
+    - uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c
       with:
         egress-policy: audit 
     - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332