mirror of
https://github.com/LadybirdBrowser/ladybird.git
synced 2024-09-29 08:11:13 +00:00
CI: Disable variable substitution on input to the twitter script
This prevents command injection through backticks in commit messages.
This commit is contained in:
parent
788472f91a
commit
6602ab27e1
Notes:
sideshowbarker
2024-07-18 05:38:55 +09:00
Author: https://github.com/IdanHo Commit: https://github.com/SerenityOS/serenity/commit/6602ab27e12 Pull-request: https://github.com/SerenityOS/serenity/pull/9443
2
.github/workflows/twitter.yml
vendored
2
.github/workflows/twitter.yml
vendored
|
@ -14,7 +14,7 @@ jobs:
|
|||
node-version: '14'
|
||||
- run: npm i twit
|
||||
- run: |
|
||||
node ${{ github.workspace }}/Meta/tweet-commits.js << EOF
|
||||
node ${{ github.workspace }}/Meta/tweet-commits.js << 'EOF'
|
||||
${{ toJSON(github.event) }}
|
||||
EOF
|
||||
env:
|
||||
|
|
Loading…
Reference in a new issue