Bump tj-actions/changed-files from 39 to 41

[dependabot[bot]]

Bumps tj-actions/changed-files from 39 to 41.

Release notes

Sourced from tj-actions/changed-files's releases.

v41

Changes in v41.0.1

What's Changed

• Upgraded to v41 by @​tj-actions-bot in tj-actions/changed-files#1811
• chore(deps): update dependency eslint-plugin-prettier to v5.1.2 by @​renovate in tj-actions/changed-files#1813
• fix: update characters escaped by safe output by @​jackton1 in tj-actions/changed-files#1815

Full Changelog: https://github.com/tj-actions/changed-files/compare/v41...v41.0.1

---

Changes in v41.0.0

🔥 🔥 BREAKING CHANGE 🔥 🔥

A new safe_output input is now available to prevent outputting unsafe filename characters (Enabled by default). This would escape characters in the filename that could be used for command injection.

[!NOTE] This can be disabled by setting the safe_output to false this comes with a recommendation to store all outputs generated in an environment variable first before using them.

Example

...
    - name: Get changed files
      id: changed-files
      uses: tj-actions/changed-files@v40
      with:
        safe_output: false # set to false because we are using an environment variable to store the output and avoid command injection.
- name: List all added files
  env:
    ADDED_FILES: ${{ steps.changed-files.outputs.added_files }}
  run: |
    for file in "$ADDED_FILES"; do
      echo "$file was added"
    done

...

What's Changed

• chore(deps): update typescript-eslint monorepo to v6.15.0 by @​renovate in tj-actions/changed-files#1801
• Upgraded to v40.2.3 by @​tj-actions-bot in tj-actions/changed-files#1800
• chore(deps): update dependency eslint-plugin-prettier to v5.1.0 by @​renovate in tj-actions/changed-files#1802
• chore(deps): lock file maintenance by @​renovate in tj-actions/changed-files#1803
• chore(deps): update dependency eslint-plugin-prettier to v5.1.1 by @​renovate in tj-actions/changed-files#1804
• fix: update safe output regex and the docs by @​tj-actions-bot in tj-actions/changed-files#1805
• Revert "chore(deps): update actions/download-artifact action to v4" by @​jackton1 in tj-actions/changed-files#1806
• Update README.md by @​jackton1 in tj-actions/changed-files#1808

... (truncated)

Changelog

Sourced from tj-actions/changed-files's changelog.

Changelog

41.0.1 - (2023-12-24)

🐛 Bug Fixes

• Update characters escaped by safe output (#1815) (716b1e1) - (Tonye Jack)

⚙️ Miscellaneous Tasks

• deps: Update dependency eslint-plugin-prettier to v5.1.2 (7aaf10d) - (renovate[bot])

⬆️ Upgrades

• Upgraded to v41 (#1811)

Co-authored-by: jackton1 jackton1@users.noreply.github.com (cc08e17) - (tj-actions[bot])

41.0.0 - (2023-12-23)

🐛 Bug Fixes

• Update safe output regex and the docs (#1805) (ff2f6e6) - (tj-actions[bot])

⏪ Reverts

• Revert "chore(deps): update actions/download-artifact action to v4" (#1806)

(4f573fe) - (Tonye Jack)

🔄 Update

• Update README.md (6e79d6e) - (Tonye Jack)
• Update README.md (d13ac19) - (Tonye Jack)
• Update README.md (bb89f97) - (Tonye Jack)
• Updated README.md (#1810)

Co-authored-by: renovate[bot] (1864078) - (tj-actions[bot])

• Update README.md (#1808)

(47371c5) - (Tonye Jack)

📝 Other

• Merge pull request from GHSA-mcph-m25j-8j63

• feat: add safe_output input enabled by default

• fix: migrate README to safe uses of interpolation

... (truncated)

Commits

• 716b1e1 fix: update characters escaped by safe output (#1815)
• 7aaf10d chore(deps): update dependency eslint-plugin-prettier to v5.1.2
• cc08e17 Upgraded to v41 (#1811)
• 6e79d6e Update README.md
• d13ac19 Update README.md
• bb89f97 Update README.md
• 1864078 Updated README.md (#1810)
• f495a03 chore(deps): lock file maintenance
• 47371c5 Update README.md (#1808)
• 4f573fe Revert "chore(deps): update actions/download-artifact action to v4" (#1806)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[codecov[bot]]

Codecov Report

All modified and coverable lines are covered by tests :white_check_mark:

Comparison is base (0f23255) 69.58% compared to head (56f7f8c) 70.10%.

Additional details and impacted files

```diff @@ Coverage Diff @@ ## master #1217 +/- ## ========================================== + Coverage 69.58% 70.10% +0.52% ========================================== Files 133 134 +1 Lines 10051 10056 +5 Branches 1623 1623 ========================================== + Hits 6994 7050 +56 + Misses 1705 1654 -51 Partials 1352 1352 ``` | [Flag](https://app.codecov.io/gh/RFD-FHEM/RFFHEM/pull/1217/flags?src=pr&el=flags&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=RFD-FHEM) | Coverage Δ | | |---|---|---| | [fhem](https://app.codecov.io/gh/RFD-FHEM/RFFHEM/pull/1217/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=RFD-FHEM) | `60.44% <ø> (+0.65%)` | :arrow_up: | | [modules](https://app.codecov.io/gh/RFD-FHEM/RFFHEM/pull/1217/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=RFD-FHEM) | `70.10% <ø> (+0.52%)` | :arrow_up: | | [perl](https://app.codecov.io/gh/RFD-FHEM/RFFHEM/pull/1217/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=RFD-FHEM) | `89.67% <ø> (-0.45%)` | :arrow_down: | | [unittests](https://app.codecov.io/gh/RFD-FHEM/RFFHEM/pull/1217/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=RFD-FHEM) | `70.10% <ø> (+0.52%)` | :arrow_up: | Flags with carried forward coverage won't be shown. [Click here](https://docs.codecov.io/docs/carryforward-flags?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=RFD-FHEM#carryforward-flags-in-the-pull-request-comment) to find out more.

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.

[dependabot[bot]]

A newer version of tj-actions/changed-files exists, but since this PR has been edited by someone other than Dependabot I haven't updated it. You'll get a PR for the updated version as normal once this PR is merged.

[sidey79]

@dependabot rebase

[dependabot[bot]]

Looks like this PR has been edited by someone other than Dependabot. That means Dependabot can't rebase it - sorry!

If you're happy for Dependabot to recreate it from scratch, overwriting any edits, you can request @dependabot recreate.

[sidey79]

@dependabot recreate

[dependabot[bot]]

Superseded by #1227.