From 8b674ba4b4e03b4b59d104e3eb10b2c634aa8a37 Mon Sep 17 00:00:00 2001 From: Matisse Hack Date: Wed, 14 Dec 2022 12:51:00 -0800 Subject: [PATCH] Further command injection mitigation --- .github/workflows/issue_ops.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/issue_ops.yml b/.github/workflows/issue_ops.yml index 89a0f9e..6c3a301 100644 --- a/.github/workflows/issue_ops.yml +++ b/.github/workflows/issue_ops.yml @@ -63,7 +63,7 @@ jobs: COMMENT_BODY: ${{ github.event.comment.body }} LABELS: ${{ toJSON(github.event.issue.labels.*.name) }} run: | - ./bin/parse_issue "${{ env.ISSUE_BODY }}" "${{ env.COMMENT_BODY }}" "${{ env.LABELS }}" + ./bin/parse_issue "$ISSUE_BODY" "$COMMENT_BODY" "$LABELS" - name: Validate arguments run: | if [ -z "${{ steps.prepare.outputs.provider }}" ]; then