This action create a commit with dist directories and pushes a branch or tag to release a new version. It supports three kinds of releases: If you write JavaScript Actions in TypeScript, you need to ...

The tj-actions/changed-files Attack Explained On March 14, security researchers spotted that the source code of tj-actions/changed-files had been modified. GitHub Actions are continuous integration ...

The compromise of GitHub Action tj-actions/changed-files has impacted only a small percentage of the 23,000 projects using it, with it estimated that only 218 repositories exposed secrets due to ...

CISA warns of CVE-2025-30066, a GitHub supply chain attack exposing secrets via compromised actions logs. Update tj-actions/changed-files by April 4.

A supply chain attack on the widely used 'tj-actions/changed-files' GitHub Action, used by 23,000 repositories, potentially allowed threat actors to steal CI/CD ...

Researchers say compromised tool in the GitHub CI/CD environment stole credentials; infosec leaders need to act immediately.

On Friday, cybersecurity firm StepSecurity warned of a security incident impacting the tj-actions/changed-files GitHub Action, a popular tool used to track file changes and trigger other actions ...

The tj-actions/changed-files GitHub Action, which is used in 23,000 repositories, has been targeted in a supply chain attack.

GitHub’s integrated automated workflow mechanism called GitHub Actions promotes the use of Actions as reusable building blocks in workflows. The majority of those Actions are developed in JavaScript ...