
Fix: Set variables outside bash script to prevent injection

tags/test-git
Philipp Oppermann 10 months ago
parent
commit
00f9270524
1 changed files with 4 additions and 5 deletions
  1. +4
    -5
      .github/workflows/dora-bot-assign.yml

+ 4
- 5
.github/workflows/dora-bot-assign.yml View File

@@ -19,12 +19,11 @@ jobs:
- name: Parses comment then assign/unassign user
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
COMMENT_BODY: "${{ github.event.comment.body }}"
ISSUE_NUMBER: "${{ github.event.issue.number }}"
COMMENT_AUTHOR: "${{ github.event.comment.user.login }}"
AUTHOR_ASSOCIATION: "${{ github.event.comment.author_association }}"
run: |
COMMENT_BODY="${{ github.event.comment.body }}"
ISSUE_NUMBER="${{ github.event.issue.number }}"
COMMENT_AUTHOR="${{ github.event.comment.user.login }}"
AUTHOR_ASSOCIATION="${{ github.event.comment.author_association }}"

# For assigning
if [[ "$COMMENT_BODY" == "@dora-bot assign me" ]]; then
echo "Assigning $COMMENT_AUTHOR to issue #$ISSUE_NUMBER"
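Review bot: Nothing in the new `env:` block records why the event fields are passed through the environment instead of being expanded inside `run:`, so a later edit could reintroduce `${{ github.event.comment.body }}` in the script. A comment above `env:` would pin the intent, for example `# Untrusted event data: pass via env, never expand ${{ ... }} inside run:`. The run script continues past the end of this hunk, so the remaining lines should be checked for any leftover `${{ github.event.* }}` expansions and for unquoted uses of `$COMMENT_BODY` or `$COMMENT_AUTHOR`. Whether `AUTHOR_ASSOCIATION` is actually tested before the assignment happens is not visible here and is worth confirming, since the job holds `GITHUB_TOKEN`.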

