Security-Issue: tj-actions/changed-files Action

[Tranquility2]

@realjenius Updated:

Hello all! Out of an abundance of caution due to this security report, Docker Security has disabled Github Actions for the testcontainers-python repository until we can remove use of the tj-actions/changed-files Github Action in the workflows.

The suggested action is to move to an alternative solution (like path-filter) with no known vulnerabilities. Sorry for the inconvenience!

[alexanderankin]

https://github.com/tj-actions/changed-files

[alexanderankin]

GitHub simply removed this repository?

[Tranquility2]

That's one option or blocked access, "Someone committed a base64-encoded payload that runs a script that in turn prints out encoded secrets…"

[realjenius]

Thank you all - appreciate everyone taking care of this so quickly! 👍