Skip to content

Commit db3e422

Browse files
authored
Upgrading tj-actions version to 46 (#1331)
------------------------------------------------------------------------------------------------------------ **Title:** Upgrading tj-actions to version 46 **Summary:** - Harden-Runner detection: tj-actions/changed-files action is compromised. This vulnerability exposed build secrets by printing CI/CD secrets in GitHub Actions build logs. This change upgrades the tj-actions to a version with the vulnerability fixed. **Relevant references:** [Security Issue Summary](https://www.stepsecurity.io/blog/harden-runner-detection-tj-actions-changed-files-action-is-compromised). - **Possible Drawbacks:** - None **Related GitHub Issues:**
1 parent 5bdd7bc commit db3e422

File tree

2 files changed

+2
-2
lines changed

2 files changed

+2
-2
lines changed

.github/actions/get-changed-demos/action.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -15,7 +15,7 @@ runs:
1515
using: "composite"
1616
steps:
1717
- id: changed-files
18-
uses: tj-actions/changed-files@v45
18+
uses: tj-actions/changed-files@v46
1919
with:
2020
# Exclude changes outside the current
2121
# directory and show path names

.github/workflows/build-pr.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -30,7 +30,7 @@ jobs:
3030
- name: Get Changed Demos
3131
id: changed_demos
3232
if: env.BUILD_ALL_DEMOS == 'false'
33-
uses: tj-actions/changed-files@v35
33+
uses: tj-actions/changed-files@v46
3434
with:
3535
files: demonstrations/*.py
3636

0 commit comments

Comments
 (0)