add hint to revoke leaked token (#2475)

2025-03-16 05:18:50 +00:00
parent 45fb12d7a8
commit d52b942ee0
1 changed files with 1 additions and 1 deletions
--- a/README.md
+++ b/README.md
@@ -23,7 +23,7 @@ Effortlessly track all changed files and directories relative to a target branch
 > This commit has been **removed** from all tags and branches, and necessary measures have been implemented to prevent similar issues in the future.
 >
 > #### **Action Required:**
->
+> *   Double check your all your actions output from Mar 14, under `changed-files` section, if there's a long string, decode it using `echo 'xxx' | base64 -d | base64 -d`, and revoke those token immediately. 
 > *   **If your workflows reference this commit directly by its SHA**, you must update them immediately to avoid using the compromised version.
 > *   **If you are using tagged versions** (e.g., `v35`, `v44.5.1`), no action is required as these tags have been updated and are now safe to use.