GitHub Action tj-actions/changed-files is compromised

See https://semgrep.dev/blog/2025/popular-github-action-tj-actionschanged-files-is-compromised/

https://github.com/search?q=org%3Apython+tj-actions&type=code

https://github.com/Ana06/get-changed-files could be used as a replacement, or you could rewrite the logic in a Python script. 