[Github] Change to step-security fork of changed actions

boomanaiden154 · boomanaiden154 · commit 6616acd80cd9 · 2025-03-15T20:56:29.000Z
The tj-actions/changed-files repo has been taken down to the security incident (https://www.stepsecurity.io/blog/harden-runner-detection-tj-actions-changed-files-action-is-compromised). This patch moves these jobs over step-security's fork, which has been loosely audited and has had the malicious commits removed. This is mainly intended as a stop-gap to get these actions running again while we figure out the best path forward.
diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml
@@ -65,7 +65,7 @@ jobs:
           fetch-depth: 1
       - name: Get subprojects that have doc changes
         id: docs-changed-subprojects
-        uses: tj-actions/changed-files@dcc7a0cba800f454d79fff4b993e8c3555bcc0a8 # v45.0.7
+        uses: step-security/changed-files@3dbe17c78367e7d60f00d78ae6781a35be47b4a1 # v45.0.1
         with:
           files_yaml: |
             llvm:
diff --git a/.github/workflows/pr-code-format.yml b/.github/workflows/pr-code-format.yml
@@ -32,7 +32,7 @@ jobs:
 
       - name: Get changed files
         id: changed-files
-        uses: tj-actions/changed-files@fea790cb660e33aef4bdf07304e28fedd77dfa13 # v39.2.4
+        uses: step-security/changed-files@3dbe17c78367e7d60f00d78ae6781a35be47b4a1 # v45.0.1
         with:
           separator: ","
           skip_initial_fetch: true
