diff --git a/.github/workflows/npm-publish.yml b/.github/workflows/npm-publish.yml
index b0a4b060c7..004c88360e 100644
--- a/.github/workflows/npm-publish.yml
+++ b/.github/workflows/npm-publish.yml
@@ -97,7 +97,7 @@ jobs:
       contents: read
       id-token: write
     steps:
-      - uses: step-security/harden-runner@v1
+      - uses: step-security/harden-runner@v2
         with:
           egress-policy: block
           allowed-endpoints: >
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 3a957f007c..3ea4e63f84 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -15,7 +15,7 @@ jobs:
       contents: write
 
     steps:
-      - uses: step-security/harden-runner@v1
+      - uses: step-security/harden-runner@v2
         with:
           allowed-endpoints:
             api.github.com:443