diff --git a/.github/workflows/cd.edge.build.yml b/.github/workflows/cd.edge.build.yml
index e309a612..2612c6cf 100644
--- a/.github/workflows/cd.edge.build.yml
+++ b/.github/workflows/cd.edge.build.yml
@@ -21,7 +21,7 @@ jobs:
       id-token: write
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4
+        uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
         with:
           egress-policy: audit
       - name: Client Payload
diff --git a/.github/workflows/cd.release.build.yml b/.github/workflows/cd.release.build.yml
index 0bff0209..922593aa 100644
--- a/.github/workflows/cd.release.build.yml
+++ b/.github/workflows/cd.release.build.yml
@@ -22,7 +22,7 @@ jobs:
       id-token: write
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4
+        uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
         with:
           egress-policy: audit
       - name: Client Payload
diff --git a/.github/workflows/cd.release.yml b/.github/workflows/cd.release.yml
index 61826b65..ebe68440 100644
--- a/.github/workflows/cd.release.yml
+++ b/.github/workflows/cd.release.yml
@@ -18,7 +18,7 @@ jobs:
     if: github.repository == 'opencadc/science-platform'
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4
+        uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
         with:
           egress-policy: audit
       - name: Create release
diff --git a/.github/workflows/ci.commit.check.yml b/.github/workflows/ci.commit.check.yml
index 3f3db43a..a3f0b425 100644
--- a/.github/workflows/ci.commit.check.yml
+++ b/.github/workflows/ci.commit.check.yml
@@ -18,7 +18,7 @@ jobs:
       pull-requests: write
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4
+        uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
         with:
           egress-policy: audit
       - name: Checkout code
diff --git a/.github/workflows/ci.linting.yml b/.github/workflows/ci.linting.yml
index 2c8839de..db851729 100644
--- a/.github/workflows/ci.linting.yml
+++ b/.github/workflows/ci.linting.yml
@@ -16,7 +16,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4
+        uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
         with:
           egress-policy: audit
       - name: Checkout code
@@ -32,7 +32,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4
+        uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
         with:
           egress-policy: audit
       - name: Checkout code
diff --git a/.github/workflows/ci.testing.yml b/.github/workflows/ci.testing.yml
index 7856543d..6dac3557 100644
--- a/.github/workflows/ci.testing.yml
+++ b/.github/workflows/ci.testing.yml
@@ -14,7 +14,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4
+        uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
         with:
           egress-policy: audit
       - name: Checkout code
@@ -47,7 +47,7 @@ jobs:
       id-token: write
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4
+        uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
         with:
           egress-policy: audit
       - name: Download coverage artifacts
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index 520ee793..beab28e7 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -37,7 +37,7 @@ jobs:
           build-mode: none
     steps:
     - name: Harden Runner
-      uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4
+      uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
       with:
         egress-policy: audit
     - name: Checkout repository
diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
index 19c39d3d..e1a1bbca 100644
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@@ -32,7 +32,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4
+        uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
         with:
           egress-policy: audit
       - name: "Checkout code"