Updated to pin dependent actions with full sha

.github/workflows/sec-auto-merge.yml

@@ -1,33 +0,0 @@
-name: Auto merge and fix conflicts
-on:
-  push:
-    branches:
-      - main
-
-jobs:
-  automerge-sec:
-    runs-on: ubuntu-latest
-    name: Auto merge and fix merge conflicts
-
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v3
-        with:
-          fetch-depth: 0
-          persist-credentials: false
-
-      - name: Fix merge conflicts
-        run: |
-          git config --local user.email "github-actions[bot]@users.noreply.github.com"
-          git config --local user.name "github-actions[bot]"
-          
-          git checkout sec
-          
-          git merge --no-edit --no-ff --strategy-option=ours main
-
-      - name: Push changes
-        uses: ad-m/github-push-action@master
-        continue-on-error: true
-        with:
-          github_token: ${{ secrets.PAT_TOKEN }}
-          branch: sec

.github/workflows/submodule-sync.yml

@@ -19,7 +19,7 @@ jobs:
           git submodule update --remote --recursive
       
       - name: Create Pull Request
-        uses: peter-evans/create-pull-request@v4.2.4
+        uses: peter-evans/create-pull-request@v4.2.3
         with:
           title: "Updated submodule"
           labels: "merge when passing"

.github/workflows/sync-release-version.yml

@@ -5,31 +5,6 @@ on:
 
 
 jobs:
-  create-sec-tag:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v3
-        with:
-          fetch-depth: 0
-          ref: sec
-      - name: Get branch name
-        id: branch-name
-        uses: tj-actions/branch-names@v6
-
-      - name: Generate new tag
-        id: generate-tag
-        run: |
-          git config --local user.email "github-actions[bot]@users.noreply.github.com"
-          git config --local user.name "github-actions[bot]"
-          git tag -a ${{ steps.branch-name.outputs.tag }}-sec -m "Security release for ${{ steps.branch-name.outputs.tag }}"
-
-      - name: Push tag
-        uses: ad-m/github-push-action@master
-        with:
-          tags: true
-          github_token: ${{ secrets.PAT_TOKEN }}
-          branch: sec
-
   update-version:
     runs-on: ubuntu-latest
     steps:
@@ -51,7 +26,7 @@ jobs:
         with:
           output: 'HISTORY.md'
       - name: Create Pull Request
-        uses: peter-evans/create-pull-request@v4.2.4
+        uses: peter-evans/create-pull-request@v4.2.3
         with:
           base: "main"
           labels: "merge when passing"

.github/workflows/update-readme.yml

@@ -20,7 +20,7 @@ jobs:
         uses: tj-actions/remark@v3
 
       - name: Verify Changed files
-        uses: tj-actions/verify-changed-files@v14
+        uses: tj-actions/verify-changed-files@v13
         id: verify_changed_files
         with:
           files: |

HISTORY.md

@@ -1,44 +1,21 @@
 # Changelog
 
-## [v35.7.2](https://github.com/tj-actions/changed-files/tree/v35.7.2) (2023-03-17)
-
-[Full Changelog](https://github.com/tj-actions/changed-files/compare/v35...v35.7.2)
-
-## [v35](https://github.com/tj-actions/changed-files/tree/v35) (2023-03-17)
-
-[Full Changelog](https://github.com/tj-actions/changed-files/compare/v35.7.1-sec...v35)
-
-**Fixed bugs:**
-
-- \[BUG\] all\_old\_new\_renamed\_files Gets all files renamed files from history [\#1030](https://github.com/tj-actions/changed-files/issues/1030)
-
-**Closed issues:**
-
-- Dependency Dashboard [\#27](https://github.com/tj-actions/changed-files/issues/27)
-
-**Merged pull requests:**
-
-- Bump tj-actions/glob from 16.11 to 16.12 [\#1032](https://github.com/tj-actions/changed-files/pull/1032) ([dependabot[bot]](https://github.com/apps/dependabot))
-- chore: update README.md [\#1031](https://github.com/tj-actions/changed-files/pull/1031) ([jackton1](https://github.com/jackton1))
-- chore\(deps\): update peter-evans/create-pull-request action to v4.2.4 [\#1028](https://github.com/tj-actions/changed-files/pull/1028) ([renovate[bot]](https://github.com/apps/renovate))
-- Upgraded to v35.7.1 [\#1027](https://github.com/tj-actions/changed-files/pull/1027) ([jackton1](https://github.com/jackton1))
-
-## [v35.7.1-sec](https://github.com/tj-actions/changed-files/tree/v35.7.1-sec) (2023-03-14)
-
-[Full Changelog](https://github.com/tj-actions/changed-files/compare/v35-sec...v35.7.1-sec)
-
-## [v35-sec](https://github.com/tj-actions/changed-files/tree/v35-sec) (2023-03-14)
-
-[Full Changelog](https://github.com/tj-actions/changed-files/compare/v35.7.1...v35-sec)
-
 ## [v35.7.1](https://github.com/tj-actions/changed-files/tree/v35.7.1) (2023-03-14)
 
-[Full Changelog](https://github.com/tj-actions/changed-files/compare/v35.7.0-sec...v35.7.1)
+[Full Changelog](https://github.com/tj-actions/changed-files/compare/v35...v35.7.1)
+
+## [v35](https://github.com/tj-actions/changed-files/tree/v35) (2023-03-14)
+
+[Full Changelog](https://github.com/tj-actions/changed-files/compare/v35.7.0-sec...v35)
 
 **Fixed bugs:**
 
 - \[BUG\] Error in GitHub Action dependencies tj-actions/glob and tj-actions/json2file [\#1023](https://github.com/tj-actions/changed-files/issues/1023)
 
+**Closed issues:**
+
+- Dependency Dashboard [\#27](https://github.com/tj-actions/changed-files/issues/27)
+
 **Merged pull requests:**
 
 - Updated README.md [\#1026](https://github.com/tj-actions/changed-files/pull/1026) ([jackton1](https://github.com/jackton1))
@@ -47,7 +24,11 @@
 
 ## [v35.7.0-sec](https://github.com/tj-actions/changed-files/tree/v35.7.0-sec) (2023-03-13)
 
-[Full Changelog](https://github.com/tj-actions/changed-files/compare/v35.7.0...v35.7.0-sec)
+[Full Changelog](https://github.com/tj-actions/changed-files/compare/v35-sec...v35.7.0-sec)
+
+## [v35-sec](https://github.com/tj-actions/changed-files/tree/v35-sec) (2023-03-13)
+
+[Full Changelog](https://github.com/tj-actions/changed-files/compare/v35.7.0...v35-sec)
 
 **Implemented enhancements:**
 
@@ -710,7 +691,7 @@
 
 ## [v34.3.3](https://github.com/tj-actions/changed-files/tree/v34.3.3) (2022-11-08)
 
-[Full Changelog](https://github.com/tj-actions/changed-files/compare/v34.3.2...v34.3.3)
+[Full Changelog](https://github.com/tj-actions/changed-files/compare/v34.3.1...v34.3.3)
 
 **Fixed bugs:**
 
@@ -725,13 +706,13 @@
 - chore: update readme [\#784](https://github.com/tj-actions/changed-files/pull/784) ([jackton1](https://github.com/jackton1))
 - Upgraded to v34.3.2 [\#781](https://github.com/tj-actions/changed-files/pull/781) ([jackton1](https://github.com/jackton1))
 
-## [v34.3.2](https://github.com/tj-actions/changed-files/tree/v34.3.2) (2022-11-07)
-
-[Full Changelog](https://github.com/tj-actions/changed-files/compare/v34.3.1...v34.3.2)
-
 ## [v34.3.1](https://github.com/tj-actions/changed-files/tree/v34.3.1) (2022-11-07)
 
-[Full Changelog](https://github.com/tj-actions/changed-files/compare/v34.3.0...v34.3.1)
+[Full Changelog](https://github.com/tj-actions/changed-files/compare/v34.3.2...v34.3.1)
+
+## [v34.3.2](https://github.com/tj-actions/changed-files/tree/v34.3.2) (2022-11-07)
+
+[Full Changelog](https://github.com/tj-actions/changed-files/compare/v34.3.0...v34.3.2)
 
 **Fixed bugs:**
 
@@ -1064,7 +1045,7 @@
 
 ## [v31.0.0](https://github.com/tj-actions/changed-files/tree/v31.0.0) (2022-09-25)
 
-[Full Changelog](https://github.com/tj-actions/changed-files/compare/v30...v31.0.0)
+[Full Changelog](https://github.com/tj-actions/changed-files/compare/v30.0.0...v31.0.0)
 
 **Merged pull requests:**
 
@@ -1077,13 +1058,13 @@
 - chore: update broken link [\#642](https://github.com/tj-actions/changed-files/pull/642) ([jackton1](https://github.com/jackton1))
 - Upgraded to v30.0.0 [\#641](https://github.com/tj-actions/changed-files/pull/641) ([jackton1](https://github.com/jackton1))
 
-## [v30](https://github.com/tj-actions/changed-files/tree/v30) (2022-09-24)
-
-[Full Changelog](https://github.com/tj-actions/changed-files/compare/v30.0.0...v30)
-
 ## [v30.0.0](https://github.com/tj-actions/changed-files/tree/v30.0.0) (2022-09-24)
 
-[Full Changelog](https://github.com/tj-actions/changed-files/compare/v29.0.9...v30.0.0)
+[Full Changelog](https://github.com/tj-actions/changed-files/compare/v30...v30.0.0)
+
+## [v30](https://github.com/tj-actions/changed-files/tree/v30) (2022-09-24)
+
+[Full Changelog](https://github.com/tj-actions/changed-files/compare/v29.0.9...v30)
 
 **Fixed bugs:**
 
@@ -2030,7 +2011,7 @@
 
 ## [v12](https://github.com/tj-actions/changed-files/tree/v12) (2021-12-14)
 
-[Full Changelog](https://github.com/tj-actions/changed-files/compare/v11...v12)
+[Full Changelog](https://github.com/tj-actions/changed-files/compare/v11.9...v12)
 
 **Implemented enhancements:**
 
@@ -2048,13 +2029,13 @@
 - \[PR 1\]: Renamed all\_modified\_files to all\_changed\_files [\#283](https://github.com/tj-actions/changed-files/pull/283) ([jackton1](https://github.com/jackton1))
 - Upgraded to v11.9 [\#280](https://github.com/tj-actions/changed-files/pull/280) ([jackton1](https://github.com/jackton1))
 
-## [v11](https://github.com/tj-actions/changed-files/tree/v11) (2021-12-04)
-
-[Full Changelog](https://github.com/tj-actions/changed-files/compare/v11.9...v11)
-
 ## [v11.9](https://github.com/tj-actions/changed-files/tree/v11.9) (2021-12-04)
 
-[Full Changelog](https://github.com/tj-actions/changed-files/compare/v1.3.1...v11.9)
+[Full Changelog](https://github.com/tj-actions/changed-files/compare/v11...v11.9)
+
+## [v11](https://github.com/tj-actions/changed-files/tree/v11) (2021-12-04)
+
+[Full Changelog](https://github.com/tj-actions/changed-files/compare/v1.3.1...v11)
 
 **Implemented enhancements:**
 

README.md

@@ -15,7 +15,7 @@
 
 ## changed-files
 
-Retrieve all changed files and directories relative to a target branch, preceeding commit or the last remote commit returning a **relative paths** from the project root.
+Retrieve all changed files and directories relative to the target branch or the last remote commit returning a **relative path** from the project root.
 
 ## Table of contents
 
@@ -63,7 +63,7 @@ Retrieve all changed files and directories relative to a target branch, preceedi
 >
 > *   **IMPORTANT:** For `push` events you need to include `fetch-depth: 0` **OR** `fetch-depth: 2` depending on your use case.
 > *   For monorepos where pulling all the branch history might not be desired, you can omit `fetch-depth` for `pull_request` events.
-> *   For files located in a sub-directory ensure that the pattern specified contains `**/` (globstar) to match any preceding directories or explicitly pass the full path relative to the project root. See: [Pattern Gotcha](https://github.com/tj-actions/glob#pattern-gotcha).
+> *   For files located in a sub-directory ensure that the pattern specified contains `**/` (globstar) to match any preceding directories or explicitly pass the full path relative to the project root. See: [#314](https://github.com/tj-actions/changed-files/issues/314).
 > *   All multiline inputs should not use double or single quotes since the value is already a string seperated by a newline character. See [Examples](#examples) for more information.
 > *   Ensure that `persist-credentials` is set to `true` when configuring `actions/checkout` if `fetch-depth` isn't set to `0`.
 
@@ -120,19 +120,18 @@ jobs:
           echo "List all the files that have changed: ${{ steps.changed-files-specific.outputs.all_changed_files }}"
       
       # Example 3
-      - name: Get all changed *.js file(s) or any file in the static folder excluding the docs folder
+      - name: Get changed js files excluding the docs folder
         id: changed-files-excluded
         uses: tj-actions/changed-files@v35
         with:
           files: |
             **/*.js
-            static
+          files_ignore: docs/** # Alternatively using: `docs`
-          files_ignore: docs
 
-      - name: Run step if any *.js file(s) or any file in the static folder change
+      - name: Run step if any other js file(s) change
         if: steps.changed-files-excluded.outputs.any_changed == 'true'
         run: |
-          echo "One or more *.js file(s) or any file in the static folder but not in the doc folder has changed."
+          echo "One or more js files not in the doc folder has changed."
           echo "List all the files that have changed: ${{ steps.changed-files-excluded.outputs.all_changed_files }}"
 ```
 

action.yml

@@ -208,7 +208,7 @@ runs:
         INPUT_FETCH_DEPTH: ${{ inputs.fetch_depth }}
         INPUT_SINCE_LAST_REMOTE_COMMIT: ${{ inputs.since_last_remote_commit }}
     - name: Glob match
-      uses: tj-actions/glob@v16.12
+      uses: tj-actions/glob@cebfb084cdf62d72c5318b1b3595ac5a45ed022f # renovate: tag=v16.11
       id: glob
       with:
         files: ${{ inputs.files }}
@@ -255,7 +255,7 @@ runs:
         INPUT_HAS_CUSTOM_PATTERNS: ${{ steps.glob.outputs.has-custom-patterns }}
         INPUT_JSON_RAW_FORMAT: ${{ inputs.json_raw_format }}
     - name: Generate output files
-      uses: tj-actions/json2file@v1.4.0
+      uses: tj-actions/json2file@ee0fd2ce53e57fa50da61615cd644018eaf3ab6c # renovate: tag=v1.3.0
       if: inputs.write_output_files == 'true'
       with:
         outputs: ${{ toJSON(steps.changed-files.outputs) }}

get-changed-paths.sh

@@ -126,7 +126,7 @@ function get_renames() {
       (
         cd "$sub" && (
           # the strange magic number is a hardcoded "empty tree" commit sha
-          git log --name-status --ignore-submodules=all "${sub_commit_pre:-4b825dc642cb6eb9a060e54bf8d69288fbee4904}".."${sub_commit_cur}" | { grep -E "^R" || true; } | awk -F '\t' -v d="$INPUT_OLD_NEW_SEPARATOR" '{print $2d$3}' | awk -v r="$sub" '{ print "" r "/" $0}'
+          git log --name-status --ignore-submodules=all "${sub_commit_pre:-4b825dc642cb6eb9a060e54bf8d69288fbee4904}" "${sub_commit_cur}" | { grep -E "^R" || true; } | awk -F '\t' -v d="$INPUT_OLD_NEW_SEPARATOR" '{print $2d$3}' | awk -v r="$sub" '{ print "" r "/" $0}'
         )
       ) || {
         echo "::warning::Failed to get renamed files for submodule ($sub) between: ${sub_commit_pre:-4b825dc642cb6eb9a060e54bf8d69288fbee4904} ${sub_commit_cur}. Please ensure that submodules are initialized and up to date. See: https://github.com/actions/checkout#usage" >&2
@@ -134,7 +134,7 @@ function get_renames() {
     fi
   done < <(git submodule | awk '{print $2}')
 
-  git log --name-status --ignore-submodules=all "$base".."$sha" | { grep -E "^R" || true; } | awk -F '\t' -v d="$INPUT_OLD_NEW_SEPARATOR" '{print $2d$3}' && exit_status=$? || exit_status=$?
+  git log --name-status --ignore-submodules=all "$base" "$sha" | { grep -E "^R" || true; } | awk -F '\t' -v d="$INPUT_OLD_NEW_SEPARATOR" '{print $2d$3}' && exit_status=$? || exit_status=$?
 
   if [[ $exit_status -ne 0 ]]; then
     echo "::error::Failed to get renamed files between: $base → $sha" >&2

renovate.json

@@ -20,7 +20,6 @@
     "enabled": true,
     "automerge": true
   },
-  "baseBranches": ["main", "sec"],
   "packageRules": [
     {
       "matchUpdateTypes": ["minor", "patch", "pin", "digest"],