From 4f9dde4afa06cd8c39853c19db4e16eb50f44ef4 Mon Sep 17 00:00:00 2001 From: Daniel Izdebski Date: Thu, 14 Sep 2023 17:22:49 +0200 Subject: [PATCH] =?UTF-8?q?=F0=9F=91=B7=20chore(ci):=20Sanitize=20PR=20tit?= =?UTF-8?q?les=20in=20`.github/workflows/pr.yml`?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/pr.yml | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml index 3f0130fa0..003628400 100644 --- a/.github/workflows/pr.yml +++ b/.github/workflows/pr.yml @@ -20,14 +20,18 @@ jobs: env: GITMOJI_CONFIG_PACKAGE: "commitlint-config-gitmoji" run: | - echo "CONFIG_PACKAGE=$(grep -A 2 "$GITMOJI_CONFIG_PACKAGE" pnpm-lock.yaml | awk '/version:/ {print "'"$GITMOJI_CONFIG_PACKAGE"'@" $2}')" >> $GITHUB_OUTPUT + echo "CONFIG_PACKAGE=$(grep -A 2 "$GITMOJI_CONFIG_PACKAGE" pnpm-lock.yaml | awk '/version:/ {print "'"$GITMOJI_CONFIG_PACKAGE"'@" $2}')" >> "$GITHUB_OUTPUT" - name: Install config package env: CONFIG_PACKAGE: "${{ steps.config-package-version.outputs.CONFIG_PACKAGE }}" run: | - pnpm add $CONFIG_PACKAGE + pnpm add "$CONFIG_PACKAGE" - name: Validate PR title + env: + # Sanitizes PR title as documented here: + # https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-an-intermediate-environment-variable + PR_TITLE: "${{ github.event.pull_request.title }}" run: | - echo "${{ github.event.pull_request.title }}" | pnpm -s dlx commitlint + echo "$PR_TITLE" | pnpm -s dlx commitlint