File tree Expand file tree Collapse file tree 1 file changed +9
-6
lines changed Expand file tree Collapse file tree 1 file changed +9
-6
lines changed Original file line number Diff line number Diff line change @@ -55,17 +55,20 @@ jobs:
5555
5656name : Extract and sanitize branch name
5757 id : branch-name
58+ env :
59+ UNTRUSTED_HEAD_REF : ${{ github.head_ref }}
60+ EVENT_NAME : ${{ github.event_name }}
5861 run : |
59- # Get branch name from ref
60- if [[ "${{ github.event_name }} " == "pull_request" ]]; then
61- BRANCH="${{ github.head_ref }} "
62+ # Get branch name from ref (use env vars to avoid direct interpolation)
63+ if [[ "$EVENT_NAME " == "pull_request" ]]; then
64+ BRANCH="$UNTRUSTED_HEAD_REF "
6265 else
6366 BRANCH="${GITHUB_REF#refs/heads/}"
6467 fi
6568 # Sanitize branch name for filename (replace / with -)
66- SAFE_BRANCH=$(echo "$BRANCH" | sed 's/\//-/g')
67- echo " branch=$SAFE_BRANCH" >> $GITHUB_OUTPUT
68- echo " Branch name: $BRANCH (sanitized: $ SAFE_BRANCH) "
69+ SAFE_BRANCH=$(printf '%s' "$BRANCH" | sed 's/\//-/g')
70+ printf ' branch=%s\n' " $SAFE_BRANCH" >> " $GITHUB_OUTPUT"
71+ printf ' Branch name: %s (sanitized: %s)\n' "$BRANCH" "$ SAFE_BRANCH"
6972
7073name : Package extension
7174 run : npm run package
You can’t perform that action at this time.
0 commit comments