diff --git a/.github/workflows/build_push.yml b/.github/workflows/build_push.yml
index 346eb44e..43101393 100644
--- a/.github/workflows/build_push.yml
+++ b/.github/workflows/build_push.yml
@@ -31,14 +31,15 @@ jobs:
           ref: main
           token: ${{ secrets.BOT_PAT }}
 
-      - name: Find lib changes
-        id: modified-libs
-        uses: tj-actions/changed-files@90a06d6ba9543371ab4df8eeca0be07ca6054959 #v42
-        with:
-          files: lib/
-          files_ignore: lib/**.md
-          files_separator: " "
-          safe_output: false
+      # Temporary pause because of leak of tj-actions/changed-files
+      # - name: Find lib changes
+      #   id: modified-libs
+      #   uses: tj-actions/changed-files@90a06d6ba9543371ab4df8eeca0be07ca6054959 #v42
+      #   with:
+      #     files: lib/
+      #     files_ignore: lib/**.md
+      #     files_separator: " "
+      #     safe_output: false
 
       - name: Import GPG key
         uses: crazy-max/ghaction-import-gpg@v6  # v6.1.0
@@ -48,12 +49,12 @@ jobs:
           git_user_signingkey: true
           git_commit_gpgsign: true
 
-        # This step is going to commit, but this will not trigger another workflow.
-      - name: Bump extensions that uses a modified lib
-        if: steps.modified-libs.outputs.any_changed == 'true'
-        run: |
-          chmod +x ./.github/scripts/bump-versions.py
-          ./.github/scripts/bump-versions.py ${{ steps.modified-libs.outputs.all_changed_files }}
+      #   # This step is going to commit, but this will not trigger another workflow.
+      # - name: Bump extensions that uses a modified lib
+      #   if: steps.modified-libs.outputs.any_changed == 'true'
+      #   run: |
+      #     chmod +x ./.github/scripts/bump-versions.py
+      #     ./.github/scripts/bump-versions.py ${{ steps.modified-libs.outputs.all_changed_files }}
 
       - name: Validate Gradle Wrapper
         uses: gradle/wrapper-validation-action@a494d935f4b56874c4a5a87d19af7afcf3a163d0 # v2