zmkfirmware
/
zmk
mirror of https://github.com/zmkfirmware/zmk.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

fix(ci): pin tj-actions/changed-files due to compromise (#2874) 

Ideally it's be swapped out for an alternative but for now this is to mitigate.
This commit is contained in:
JJGadgets 2025-03-15 14:25:01 +08:00 committed by GitHub
parent 5d9920406c
commit 4da89bd997
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.github/workflows/build.yml vendored
View File

@ -430,7 +430,7 @@ jobs:
uses: actions/checkout@v4
with:
persist-credentials: false
- uses: tj-actions/changed-files@v45
- uses: tj-actions/changed-files@9200e69727eb73eb060652b19946b8a2fdfb654b # pin to v45.0.8 due to https://github.com/tj-actions/changed-files/issues/2463 https://www.stepsecurity.io/blog/harden-runner-detection-tj-actions-changed-files-action-is-compromised
id: changed-files
with:
json: true