fix(release:PLA-1355): harden version tag input #65
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 5459191362
Pull request overview
This PR hardens the GitHub Actions release workflow’s workflow_dispatch version_tag handling to prevent template injection and reduce unsafe interpolation in shell steps.
Changes:
- Added a Bash validation step for `version_tag` and routed the validated value through step/job outputs.
- Replaced direct `${{ github.event.inputs.version_tag }}` interpolation in `run:` scripts with environment variables populated from the validated output.
- Quoted `$GITHUB_OUTPUT` writes and grouped multiple output writes to satisfy actionlint-style safety checks.
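The hardening pattern summarized in the overview above, sketched as an added example that is not this repository's workflow code: the step is assumed to map the input to an environment variable (`env: VERSION_TAG: ${{ github.event.inputs.version_tag }}`), and the script validates it before writing to `$GITHUB_OUTPUT`. The tag policy in `TAG_RE`, the 64-character limit, the `VERSION_TAG` name and both function names are assumptions.

```shell
#!/bin/sh
# Added example, not this repository's release workflow.
# Assumption: the step maps the workflow input to an env var named
# VERSION_TAG, so the value reaches this script as data, not script text.

# Assumed policy: vMAJOR.MINOR.PATCH with an optional -prerelease suffix.
TAG_RE='^v(0|[1-9][0-9]*)\.(0|[1-9][0-9]*)\.(0|[1-9][0-9]*)(-[0-9A-Za-z]+(\.[0-9A-Za-z]+)*)?$'
NL='
'

validate_version_tag() {
  tag=$1
  # grep matches line by line, so reject embedded newlines first; otherwise
  # a valid first line would let extra key=value lines reach $GITHUB_OUTPUT.
  case $tag in *"$NL"*) return 1 ;; esac
  [ "${#tag}" -le 64 ] || return 1
  printf '%s\n' "$tag" | grep -Eq "$TAG_RE"
}

emit_version_tag() {
  # $1: untrusted input, $2: output file ($GITHUB_OUTPUT on a runner)
  if ! validate_version_tag "$1"; then
    echo "invalid version_tag, expected e.g. v1.2.3" >&2
    return 1
  fi
  # Quoted redirect target and a fixed key: only the validated value varies.
  printf 'version_tag=%s\n' "$1" >> "$2"
}

# Runs only when the (assumed) VERSION_TAG variable is provided by the step.
if [ -n "${VERSION_TAG+x}" ]; then
  emit_version_tag "$VERSION_TAG" "${GITHUB_OUTPUT:?}" || exit 1
fi
```

Later steps would then read the validated step or job output instead of the raw input.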
@dev-carapulse[bot] fix conflicts in PR

Opened helper PR #76 to resolve the conflicts for this PR: #76 It merges current Track: https://carapulse-dev.morpho.dev/dashboard/runs?run_id=gw_run_a585b114c330
Summary
Changes
Linear