Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

fix: Mitigate command injection risk in GitHub Actions workflow #3009

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Commits on Sep 16, 2024

  1. fix: Mitigate command injection risk in GitHub Actions workflow

    - Refactored workflow to use environment variables for dynamic inputs
      (e.g., issue title, body, state) instead of directly embedding them
      in `run` commands.
    - Added `env` context to store values like `ISSUE_TITLE`, `ISSUE_BODY`,
      `ISSUE_STATE`, and `REQUIRE_RESULT` for safer command execution.
    - Updated `if` conditions and `run` commands to reference environment
      variables, reducing the potential for command injection.
    rohanday3 committed Sep 16, 2024
    Configuration menu
    Copy the full SHA
    2c7150d View commit details
    Browse the repository at this point in the history