diff --git a/.github/workflows/check.buildifier.yml b/.github/workflows/check.buildifier.yml
index d68439e..740e28d 100644
--- a/.github/workflows/check.buildifier.yml
+++ b/.github/workflows/check.buildifier.yml
@@ -34,7 +34,7 @@ jobs:
     continue-on-error: true
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1
+        uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
         with:
           egress-policy: audit
       - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
diff --git a/.github/workflows/check.codeql.yml b/.github/workflows/check.codeql.yml
index 87790c8..f833021 100644
--- a/.github/workflows/check.codeql.yml
+++ b/.github/workflows/check.codeql.yml
@@ -40,7 +40,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1
+        uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
         with:
           egress-policy: audit
       - name: Checkout repository
diff --git a/.github/workflows/check.lint-yaml.yml b/.github/workflows/check.lint-yaml.yml
index 58cf21e..b01ad82 100644
--- a/.github/workflows/check.lint-yaml.yml
+++ b/.github/workflows/check.lint-yaml.yml
@@ -56,7 +56,7 @@ jobs:
       pull-requests: "read"
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1
+        uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
         with:
           disable-sudo: true
           egress-policy: block
@@ -83,7 +83,7 @@ jobs:
       pull-requests: "read"
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1
+        uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
         with:
           disable-sudo: true
           egress-policy: block
diff --git a/.github/workflows/check.scorecards.yml b/.github/workflows/check.scorecards.yml
index 7a56710..a337e9f 100644
--- a/.github/workflows/check.scorecards.yml
+++ b/.github/workflows/check.scorecards.yml
@@ -20,7 +20,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1
+        uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
         with:
           egress-policy: audit
       - name: "Checkout code"
diff --git a/.github/workflows/deploy.docs.yml b/.github/workflows/deploy.docs.yml
index d956816..b3f1435 100644
--- a/.github/workflows/deploy.docs.yml
+++ b/.github/workflows/deploy.docs.yml
@@ -29,7 +29,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1
+        uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
         with:
           egress-policy: audit
       - name: "Setup: Checkout"
@@ -55,7 +55,7 @@ jobs:
     continue-on-error: true
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1
+        uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
         with:
           egress-policy: audit
       - name: "Deploy: GitHub Pages"
diff --git a/.github/workflows/module.build.yml b/.github/workflows/module.build.yml
index a7be83a..5cb4d9e 100644
--- a/.github/workflows/module.build.yml
+++ b/.github/workflows/module.build.yml
@@ -122,7 +122,7 @@ jobs:
     continue-on-error: ${{ inputs.labs }}
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1
+        uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
         with:
           disable-sudo: true
           egress-policy: block
@@ -372,7 +372,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1
+        uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
         with:
           disable-sudo: true
           egress-policy: block
diff --git a/.github/workflows/on.pr.yml b/.github/workflows/on.pr.yml
index c75ffb5..2a8d319 100644
--- a/.github/workflows/on.pr.yml
+++ b/.github/workflows/on.pr.yml
@@ -32,7 +32,7 @@ jobs:
       contents: write
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1
+        uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
         with:
           egress-policy: audit
       - name: "Setup: Checkout"
@@ -50,7 +50,7 @@ jobs:
       pull-requests: write
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1
+        uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
         with:
           egress-policy: audit
       - name: "Checkout Repository"
diff --git a/.github/workflows/on.push.yml b/.github/workflows/on.push.yml
index 4901412..5713b17 100644
--- a/.github/workflows/on.push.yml
+++ b/.github/workflows/on.push.yml
@@ -30,7 +30,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1
+        uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
         with:
           egress-policy: audit
       - name: "Setup: Checkout"