From 3e92b3e2299739d8e819148fe5c52b9b26144e95 Mon Sep 17 00:00:00 2001
From: Daniel Fox
Date: Thu, 26 Dec 2024 10:08:01 -0700
Subject: [PATCH] Responding to sev2 escalation. Implementing SecOps guidance to address Potential for Supply Chain Tampering through Upstream Resource Tampering. The root cause is a vulnerability in the upstream repository tj-actions. Mitigating the risk by using the reusable action via a SHA reference so that the action consumed is immutable.

---
 .github/workflows/metadata-validation.yml | 2 +-
 .github/workflows/python-app.yml | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/metadata-validation.yml b/.github/workflows/metadata-validation.yml
index a5d0c7e4..ce3f0c3e 100644
--- a/.github/workflows/metadata-validation.yml
+++ b/.github/workflows/metadata-validation.yml
@@ -20,7 +20,7 @@ jobs:
 - name: Get changed files
 id: get_changed
- uses: tj-actions/changed-files@v44
+ uses: tj-actions/changed-files@e9772d140489982e0e3704fea5ee93d536f1e275
 with:
 files: "*-test-samples/**"
 separator: ","
diff --git a/.github/workflows/python-app.yml b/.github/workflows/python-app.yml
index 6e84bdf5..161a5472 100644
--- a/.github/workflows/python-app.yml
+++ b/.github/workflows/python-app.yml
@@ -22,7 +22,7 @@ jobs:
 - name: Get changed files using defaults
 id: get_changed
- uses: tj-actions/changed-files@v44
+ uses: tj-actions/changed-files@e9772d140489982e0e3704fea5ee93d536f1e275
 with:
 separator: ","
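Review bot: The new `uses:` line in metadata-validation.yml pins a bare 40-character SHA with no record of which release it was resolved from, which makes the pin unreviewable later and stops Dependabot/Renovate (github-actions ecosystem) from offering bumps; append the resolved tag as a trailing comment, e.g. `uses: tj-actions/changed-files@e9772d140489982e0e3704fea5ee93d536f1e275 # vX.Y.Z (resolved from v44 at pin time)`, filling in the actual tag. A SHA is only immutable for the content it names, so before merging confirm with `git ls-remote https://github.com/tj-actions/changed-files 'refs/tags/v44*'` (or the releases page) that this commit is what the upstream `v44` tag pointed at and that it is reachable from an upstream branch or tag, since GitHub also serves commits from forks in the repository network under the upstream path. Pinning this step does not pin anything the action's own manifest references, so any transitive actions it uses are still tracked by whatever ref upstream chose — I can't see that manifest from the hunk, so treat this as a point to verify. The enclosing `jobs:`/`steps:` block starts before the hunk.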
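Review bot: In python-app.yml the pinned step keeps `separator: ","` with no `files` filter, so `get_changed` will emit every changed path in the triggering event, and pinning the action by commit does nothing about how those paths are consumed downstream; if a later `run:` step (outside the hunk) interpolates `${{ steps.get_changed.outputs.all_changed_files }}` (or whichever output is read) directly into the shell, file names chosen by a PR author become a script-injection vector. Route the value through an environment variable instead, e.g. `env: CHANGED: ${{ steps.get_changed.outputs.all_changed_files }}` on the consuming step and read `"$CHANGED"` in the script; I can't see the consumer here, so verify before closing the escalation. Add the same trailing `# vX.Y.Z` resolved-tag comment to this `uses:` line as well so the two pins stay traceable and bumpable together. The enclosing `jobs:`/`steps:` block starts before the hunk.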