chore: resolves bad object error when its run in the context of main branch

[QuantumNeuralCoder]

Issue # (if applicable)

Github action security-guradian is unable to detect changed cfn templates in PRs

Closes #.

NA

Reason for this change

Fixes an issue where security-guardian github action runs but is unable to find changed templates. Since it runs in the context of pull_request_target workflow its unable to find the head commit of PR which is in the base branch. This happened after we switched from pull_request to pull_request_target for improved security posture during the run of the github action.

Run echo "Getting changed CloudFormation templates..."
Getting changed CloudFormation templates...
From https://github.com/aws/aws-cdk
 * branch                  main       -> FETCH_HEAD
fatal: bad object 7c12c04a9d7bde97dda3caec8e3fcf7102f2f938

Description of changes

Checksout and compares the base version with the head version.

Describe any new or updated permissions being added

None

Description of how you validated changes

Cannot be validated until merged

Checklist

[ x] My code adheres to the CONTRIBUTING GUIDE and DESIGN GUIDELINES

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license

[aws-cdk-automation]

(This review is outdated)

✅ Updated pull request passes all PRLinter validations. Dismissing previous PRLinter review.

[mergify]

Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork).

[mergify]

This pull request has been removed from the queue for the following reason: pull request dequeued.

Pull request #34154 has been dequeued. The pull request could not be merged. This could be related to an activated branch protection or ruleset rule that prevents us from merging. (details: 2 of 2 required status checks are expected.).

You should look at the reason for the failure and decide if the pull request needs to be fixed or if you want to requeue it.
If you do update this pull request, it will automatically be requeued once the queue conditions match again.
If you think this was a flaky issue instead, you can requeue the pull request, without updating it, by posting a @mergifyio requeue comment.

[paulhcsun]

@Mergifyio update

[mergify]

update

☑️ Nothing to do

• #commits-behind > 0 [📌 update requirement]
• -closed [📌 update requirement]
• -conflict [📌 update requirement]
• queue-position = -1 [📌 update requirement]

[mergify]

Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork).

[aws-cdk-automation]

AWS CodeBuild CI Report

• CodeBuild project: AutoBuildv2Project1C6BFA3F-wQm2hXv2jqQv
• Commit ID: 635fb47
• Result: SUCCEEDED
• Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

[mergify]

Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork).

[github-actions]

Comments on closed issues and PRs are hard for our team to see.
If you need help, please open a new issue that references this one.