Bump step-security/harden-runner

Bumps the github_actions group with 1 update in the /.github/workflows directory: [step-security/harden-runner](https://github.com/step-security/harden-runner).


Updates `step-security/harden-runner` from 2.10.2 to 2.12.0
- [Release notes](https://github.com/step-security/harden-runner/releases)
- [Commits](step-security/harden-runner@v2.10.2...v2.12.0)

---
updated-dependencies:
- dependency-name: step-security/harden-runner
  dependency-version: 2.12.0
  dependency-type: direct:production
  dependency-group: github_actions
...

Signed-off-by: dependabot[bot] <[email protected]>

Author: dependabot[bot]

.github/workflows/npm-publish.yml

@@ -94,7 +94,7 @@ jobs:
       contents: read
       id-token: write
     steps:
-      - uses: step-security/harden-runner@v2.10.2
+      - uses: step-security/harden-runner@v2.12.0
         with:
           egress-policy: block
           allowed-endpoints: >

.github/workflows/release.yml

@@ -15,7 +15,7 @@ jobs:
       contents: write
 
     steps:
-      - uses: step-security/harden-runner@v2.10.2
+      - uses: step-security/harden-runner@v2.12.0
         with:
           allowed-endpoints:
             api.github.com:443