fix: update tj-actions/changed-files to v47.0.5 (CVE fix)

kaleko · kaleko · commit 204c0f8ef963 · 2026-03-25T17:11:52.000Z
Resolves GHSA-mrrh-fwg8-r2c3 and GHSA-mcph-m25j-8j63 supply chain vulnerabilities in the pinned v46 commit.
diff --git a/.github/workflows/ash-security-scan.yml b/.github/workflows/ash-security-scan.yml
@@ -19,7 +19,7 @@ jobs:
 
       - name: Get changed files
         id: changed-files
-        uses: tj-actions/changed-files@ed68ef82c095e0d48ec87eccea555d944a631a4c # v46
+        uses: tj-actions/changed-files@22103cc46bda19c2b464ffe86db46df6922fd323 # v47.0.5
         with:
           files: |
             **/*.py
