Changes in v46.0.5
What's Changed
- Upgraded to v46.0.4 by @github-actions in #2511
- chore(deps): bump tj-actions/verify-changed-files from 20.0.1 to 20.0.4 by @dependabot in #2523
- chore(deps): bump tj-actions/branch-names from 8.0.1 to 8.1.0 by @dependabot in #2521
- chore(deps): bump github/codeql-action from 3.28.12 to 3.28.15 by @dependabot in #2530
- chore(deps-dev): bump ts-jest from 29.2.6 to 29.3.1 by @dependabot in #2518
- chore(deps-dev): bump eslint-plugin-prettier from 5.2.3 to 5.2.6 by @dependabot in #2519
- chore(deps-dev): bump @types/node from 22.13.11 to 22.14.0 by @dependabot in #2517
- chore(deps-dev): bump typescript from 5.8.2 to 5.8.3 by @dependabot in #2516
- chore(deps): bump yaml from 2.7.0 to 2.7.1 by @dependabot in #2520
Full Changelog: v46...v46.0.5
Changes in v46.0.4
What's Changed
- Upgraded to v46.0.3 by @github-actions in #2506
- docs: update readme by @jackton1 in #2508
- fix: bug modified_keys and changed_key outputs not set when no changes detected by @jackton1 in #2509
Full Changelog: v46...v46.0.4
Changes in v46.0.3
What's Changed
- Updated README.md by @github-actions in #2499
- Updated README.md by @github-actions in #2501
- Upgraded to v46.0.2 by @github-actions in #2500
- chore(deps-dev): bump @types/node from 22.13.10 to 22.13.11 by @dependabot in #2502
- chore: pin github actions by @jackton1 in #2503
- doc: remove warning by @jackton1 in #2504
- chore(deps): bump test/demo from
5dfac2etoc6bd3b3by @dependabot in #2505
Full Changelog: v46...v46.0.3
Changes in v46.0.2
What's Changed
- Upgraded to v46.0.1 by @github-actions in #2474
- add hint to revoke leaked token by @undefined-moe in #2475
- Updated README.md by @github-actions in #2476
- doc: update README.md by @jackton1 in #2478
- Updated README.md by @github-actions in #2479
- docs: remove link to commit by @jackton1 in #2481
- chore(deps): bump actions/setup-node from 4.2.0 to 4.3.0 by @dependabot in #2484
- docs: update versions by @jackton1 in #2488
- docs: add RajendraP as a contributor for doc by @allcontributors in #2491
- Updated README.md by @github-actions in #2492
- fix: update log message when attempting to locate merge base by @jackton1 in #2493
- docs: Update update-readme.yml to use commit hashes in the docs by @jackton1 in #2495
- Updated README.md by @github-actions in #2496
- chore: update sync-release-version.yml to use commit hash for tags in docs by @jackton1 in #2497
- docs: add undefined-moe as a contributor for doc by @allcontributors in #2498
New Contributors
- @undefined-moe made their first contribution in #2475
Full Changelog: v46...v46.0.2
Changes in v46.0.1
Warning
Security Alert: A critical security issue was identified in this action due to a compromised commit.
This commit has been removed from all tags and branches, and necessary measures have been implemented to prevent similar issues in the future.
Action Required:
- Review your workflows executed between March 14 and March 15. If you notice unexpected output under the
changed-filessection, decode it using the following command:echo 'xxx' | base64 -d | base64 -d
If the output contains sensitive information (e.g., tokens or secrets), revoke and rotate those secrets immediately. - If your workflows reference this commit directly by its SHA, you must update them immediately to avoid using the compromised version.
- If you are using tagged versions (e.g.,
v35,v44.5.1), no action is required as these tags have been updated and are now safe to use.
Additionally, as a precaution, we recommend rotating any secrets that may have been exposed during this timeframe to ensure the continued security of your workflows.
What's Changed
- update: sync-release-version.yml to use signed commits by @jackton1 in #2472
- Updated README.md by @github-actions in #2473
Full Changelog: v46...v46.0.1
Changes in v46.0.0
Warning
Security Alert: A critical security issue was identified in this action due to a compromised commit.
This commit has been removed from all tags and branches, and necessary measures have been implemented to prevent similar issues in the future.
Action Required:
- Review your workflows executed between March 14 and March 15. If you notice unexpected output under the
changed-filessection, decode it using the following command:echo 'xxx' | base64 -d | base64 -d
If the output contains sensitive information (e.g., tokens or secrets), revoke and rotate those secrets immediately. - If your workflows reference this commit directly by its SHA, you must update them immediately to avoid using the compromised version.
- If you are using tagged versions (e.g.,
v35,v44.5.1), no action is required as these tags have been updated and are now safe to use.
Additionally, as a precaution, we recommend rotating any secrets that may have been exposed during this timeframe to ensure the continued security of your workflows.
What's Changed
- docs: update docs to highlight security issues by @jackton1 in #2465
- fix: update github workflow update-readme.yml by @jackton1 in #2466
- fix: update permission in update-readme.yml workflow by @jackton1 in #2467
- fix: update update-readme.yml to sign-commits by @jackton1 in #2468
- Updated README.md by @github-actions in #2469
- update: sync-release-version.yml by @jackton1 in #2471
New Contributors
- @github-actions made their first contribution in #2469
Full Changelog: v45.0.5...v46.0.0
What's Changed
- docs: update docs to highlight security issues by @jackton1 in #2465
- fix: update github workflow update-readme.yml by @jackton1 in #2466
- fix: update permission in update-readme.yml workflow by @jackton1 in #2467
- fix: update update-readme.yml to sign-commits by @jackton1 in #2468
- Updated README.md by @github-actions in #2469
- update: sync-release-version.yml by @jackton1 in #2471
Full Changelog: v45.0.5...v46.0.0
Contributors
jackton1, dependabot, and 2 other contributors