Bump tj-actions/verify-changed-files from 13 to 17

[dependabot]

Bumps tj-actions/verify-changed-files from 13 to 17.

Release notes

Sourced from tj-actions/verify-changed-files's releases.

v17

Changes in v17.0.2

What's Changed

• Upgraded to v17.0.1 by @​tj-actions-bot in tj-actions/verify-changed-files#361
• chore(deps): update tj-actions/glob action to v18 by @​renovate in tj-actions/verify-changed-files#363
• chore: update test by @​jackton1 in tj-actions/verify-changed-files#362

Full Changelog: tj-actions/verify-changed-files@v17...v17.0.2

---

Changes in v17.0.1

What's Changed

• Upgraded to v17 by @​tj-actions-bot in tj-actions/verify-changed-files#358
• chore(deps): update tj-actions/verify-changed-files action to v17 by @​renovate in tj-actions/verify-changed-files#359
• fix: bug with adding separator to output by @​jackton1 in tj-actions/verify-changed-files#360

Full Changelog: tj-actions/verify-changed-files@v17...v17.0.1

---

Changes in v17.0.0

🔥 🔥 BREAKING CHANGE 🔥 🔥

A new safe_output input is now available to prevent outputting unsafe filename characters (Enabled by default). This would escape characters in the filename that could be used for command injection.

[!NOTE] This can be disabled by setting the safe_output to false this comes with a recommendation to store all outputs generated in an environment variable first before using them.

Example

...
      - name: Verify Changed files
        uses: tj-actions/verify-changed-files@v16
        id: verify-changed-files
        with:
          safe_output: false # set to false because we are using an environment variable to store the output and avoid command injection.
  - name: List all changed tracked and untracked files
    env:
      FILES_CHANGED: ${{ steps.verify-changed-files.outputs.changed_files }}
    run: |
      echo "Changed files: $FILES_CHANGED

...

What's Changed

• Upgraded to v16.1.1 by @​tj-actions-bot in tj-actions/verify-changed-files#343
• chore(deps): update actions/checkout action to v4.1.1 by @​renovate in tj-actions/verify-changed-files#344

... (truncated)

Changelog

Sourced from tj-actions/verify-changed-files's changelog.

📦 Bumps

• Bump actions/checkout from 4.1.0 to 4.1.1 (#345)

Co-authored-by: dependabot[bot] (6d68896) - (dependabot[bot])

➕ Add

• Create SECURITY.md (08975f0) - (Tonye Jack)

➖ Remove

• Deleted .github/workflows/auto-approve.yml (7b7a3b8) - (Tonye Jack)
• Deleted .github/workflows/greetings.yml (9f02ec6) - (Tonye Jack)

🔄 Update

• Update README.md (bc950d8) - (Tonye Jack)
• Update README.md (e302902) - (Tonye Jack)
• Update README.md (2f947c4) - (Tonye Jack)
• Update README.md (a6a8167) - (Tonye Jack)
• Updated README.md (f151bce) - (jackton1)
• Updated README.md (3571d65) - (jackton1)
• Update README.md (126b949) - (Tonye Jack)
• Updated README.md (47f2c87) - (jackton1)
• Update update-readme.yml (14b9592) - (Tonye Jack)
• Updated README.md (301fce7) - (jackton1)
• Update README.md (1e75cac) - (Tonye Jack)
• Update README.md (7149bbe) - (Tonye Jack)
• Update README.md (78dc414) - (Tonye Jack)

📝 Other

• PR #355: README.md (6f91e27) - (repo-ranger[bot])
• Merge pull request from GHSA-ghm2-rq8q-wrhc

• feat: add safe_output input enabled by default

• fix: migrate README to safe uses of interpolation

• fix: also sanitize )

• fix: remove sanitization of '

• fix: also sanitize |

... (truncated)

Commits

• b742fc9 chore: update test (#362)
• 0a07b6e Merge pull request #363 from tj-actions/renovate/tj-actions-glob-18.x
• 071c65e chore(deps): update tj-actions/glob action to v18
• 56d4ba3 Merge pull request #361 from tj-actions/upgrade-to-v17.0.1
• 43232db Upgraded from v17.0.0 -> v17.0.1
• 4321d85 fix: bug with adding separator to output (#360)
• 2a93ea6 Merge pull request #359 from tj-actions/renovate/tj-actions-verify-changed-fi...
• 5cb319c chore(deps): update tj-actions/verify-changed-files action to v17
• 0d4817f Upgraded to v17 (#358)
• bc950d8 Update README.md
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Looks like tj-actions/verify-changed-files is up-to-date now, so this is no longer needed.

[gbtb16]

The PR #100 resolves this.