Use step-security/harden-runner in the Analyze job

Since this Action should be used in every job we need to use it here.

Author: mcdonnnj

.github/workflows/codeql-analysis.yml

@@ -38,9 +38,9 @@ jobs:
         name: Dump context
         uses: crazy-max/ghaction-dump-context@v2
   analyze:
+    name: Analyze
     needs:
       - diagnostics
-    name: Analyze
     runs-on: ubuntu-latest
     permissions:
       # required for all workflows
@@ -56,6 +56,12 @@ jobs:
         # https://docs.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#overriding-automatic-language-detection
 
     steps:
+      - id: harden-runner
+        name: Harden the runner
+        uses: step-security/harden-runner@v2
+        with:
+          egress-policy: audit
+
       - name: Checkout repository
         uses: actions/checkout@v4