diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml index 3f0130fa0..d2e19e7cc 100644 --- a/.github/workflows/pr.yml +++ b/.github/workflows/pr.yml @@ -29,5 +29,9 @@ jobs: pnpm add $CONFIG_PACKAGE - name: Validate PR title + env: + # Sanitizing PR title as documented here: + # https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-an-intermediate-environment-variable + PR_TITLE: "${{ github.event.pull_request.title }}" run: | - echo "${{ github.event.pull_request.title }}" | pnpm -s dlx commitlint + echo $PR_TITLE | pnpm -s dlx commitlint