[Github] Change to step-security fork of changed actions

The tj-actions/changed-files repo has been taken down to the security incident (https://www.stepsecurity.io/blog/harden-runner-detection-tj-actions-changed-files-action-is-compromised). This patch moves these jobs over step-security's fork, which has been loosely audited and has had the malicious commits removed. This is mainly intended as a stop-gap to get these actions running again while we figure out the best path forward.
2025-03-15 20:56:29 +00:00 · 2025-03-15 20:56:29 +00:00 · 6616acd80c
commit 6616acd80c
parent 7c26407a20
2 changed files with 2 additions and 2 deletions
--- a/.github/workflows/docs.yml
+++ b/.github/workflows/docs.yml
@ -65,7 +65,7 @@ jobs:
          fetch-depth: 1
      - name: Get subprojects that have doc changes
        id: docs-changed-subprojects
-        uses: tj-actions/changed-files@dcc7a0cba800f454d79fff4b993e8c3555bcc0a8 # v45.0.7
+        uses: step-security/changed-files@3dbe17c78367e7d60f00d78ae6781a35be47b4a1 # v45.0.1
        with:
          files_yaml: |
            llvm:
--- a/.github/workflows/pr-code-format.yml
+++ b/.github/workflows/pr-code-format.yml
@ -32,7 +32,7 @@ jobs:

      - name: Get changed files
        id: changed-files
-        uses: tj-actions/changed-files@fea790cb660e33aef4bdf07304e28fedd77dfa13 # v39.2.4
+        uses: step-security/changed-files@3dbe17c78367e7d60f00d78ae6781a35be47b4a1 # v45.0.1
        with:
          separator: ","
          skip_initial_fetch: true