Fix Github Workflow vulnerable to script injection (#14379)

fix: github workflow vulnerable to script injection

Signed-off-by: Diogo Teles Sant'Anna <[email protected]>

Author: diogoteles08

.github/workflows/stage-release.yml

@@ -6,6 +6,7 @@ on:
 
 env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+  BRANCH_NAME: ${{ github.event.pull_request.head.ref }}
 
 jobs:
   github-release:
@@ -20,7 +21,6 @@ jobs:
       - name: Extract version from branch name
         id: extract_version
         run: |
-          BRANCH_NAME="${{ github.event.pull_request.head.ref }}"
           VERSION=$(echo $BRANCH_NAME | grep -oE '[0-9]+\.[0-9]+\.[0-9]+')
           echo "VERSION=$VERSION" >> $GITHUB_ENV
       - name: Prep git