diff --git a/.github/workflows/check.buildifier.yml b/.github/workflows/check.buildifier.yml
index d68439e..a23cee5 100644
--- a/.github/workflows/check.buildifier.yml
+++ b/.github/workflows/check.buildifier.yml
@@ -34,7 +34,7 @@ jobs:
     continue-on-error: true
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1
+        uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0
         with:
           egress-policy: audit
       - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
diff --git a/.github/workflows/check.codeql.yml b/.github/workflows/check.codeql.yml
index 87790c8..c272d0a 100644
--- a/.github/workflows/check.codeql.yml
+++ b/.github/workflows/check.codeql.yml
@@ -40,7 +40,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1
+        uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0
         with:
           egress-policy: audit
       - name: Checkout repository
diff --git a/.github/workflows/check.lint-yaml.yml b/.github/workflows/check.lint-yaml.yml
index 58cf21e..eb82444 100644
--- a/.github/workflows/check.lint-yaml.yml
+++ b/.github/workflows/check.lint-yaml.yml
@@ -56,7 +56,7 @@ jobs:
       pull-requests: "read"
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1
+        uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0
         with:
           disable-sudo: true
           egress-policy: block
@@ -83,7 +83,7 @@ jobs:
       pull-requests: "read"
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1
+        uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0
         with:
           disable-sudo: true
           egress-policy: block
diff --git a/.github/workflows/check.scorecards.yml b/.github/workflows/check.scorecards.yml
index 7a56710..32f3fec 100644
--- a/.github/workflows/check.scorecards.yml
+++ b/.github/workflows/check.scorecards.yml
@@ -20,7 +20,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1
+        uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0
         with:
           egress-policy: audit
       - name: "Checkout code"
diff --git a/.github/workflows/deploy.docs.yml b/.github/workflows/deploy.docs.yml
index d956816..b14c582 100644
--- a/.github/workflows/deploy.docs.yml
+++ b/.github/workflows/deploy.docs.yml
@@ -29,7 +29,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1
+        uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0
         with:
           egress-policy: audit
       - name: "Setup: Checkout"
@@ -55,7 +55,7 @@ jobs:
     continue-on-error: true
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1
+        uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0
         with:
           egress-policy: audit
       - name: "Deploy: GitHub Pages"
diff --git a/.github/workflows/module.build.yml b/.github/workflows/module.build.yml
index a7be83a..b41a945 100644
--- a/.github/workflows/module.build.yml
+++ b/.github/workflows/module.build.yml
@@ -122,7 +122,7 @@ jobs:
     continue-on-error: ${{ inputs.labs }}
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1
+        uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0
         with:
           disable-sudo: true
           egress-policy: block
@@ -372,7 +372,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1
+        uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0
         with:
           disable-sudo: true
           egress-policy: block
diff --git a/.github/workflows/on.pr.yml b/.github/workflows/on.pr.yml
index c75ffb5..a6436ca 100644
--- a/.github/workflows/on.pr.yml
+++ b/.github/workflows/on.pr.yml
@@ -32,7 +32,7 @@ jobs:
       contents: write
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1
+        uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0
         with:
           egress-policy: audit
       - name: "Setup: Checkout"
@@ -50,7 +50,7 @@ jobs:
       pull-requests: write
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1
+        uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0
         with:
           egress-policy: audit
       - name: "Checkout Repository"
diff --git a/.github/workflows/on.push.yml b/.github/workflows/on.push.yml
index 4901412..aa695cc 100644
--- a/.github/workflows/on.push.yml
+++ b/.github/workflows/on.push.yml
@@ -30,7 +30,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1
+        uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0
         with:
           egress-policy: audit
       - name: "Setup: Checkout"