From 26945517577d5b6496f4a19f9429087c444e34fe Mon Sep 17 00:00:00 2001
From: yellow-shine <sammy.huang@zilliz.com>
Date: Tue, 10 Sep 2024 19:09:27 +0800
Subject: [PATCH] enhance: fix a security vulnerability (#36154)

Signed-off-by: Yellow Shine <sammy.huang@zilliz.com>
---
 .github/workflows/check-issue.yaml | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/check-issue.yaml b/.github/workflows/check-issue.yaml
index 952c07641b91c..bdce82e174261 100644
--- a/.github/workflows/check-issue.yaml
+++ b/.github/workflows/check-issue.yaml
@@ -10,6 +10,7 @@ jobs:
     runs-on: ubuntu-latest
     env:
       TITLE_PASSED: "T"
+      ISSUE_TITLE: ${{ github.event.issue.title }}
     permissions:
       issues: write
     timeout-minutes: 20
@@ -19,7 +20,8 @@ jobs:
       - name: Check Issue
         shell: bash
         run: |
-          echo Issue title: ${{ github.event.issue.title }}
+          echo "Issue title: ${ISSUE_TITLE//\"/\\\"}"
+
           cat >> check_title.py << EOF
           import re
           import sys
@@ -32,7 +34,7 @@ jobs:
               print("TITLE_PASSED=T")
           EOF
           
-          python3 check_title.py "${{ github.event.issue.title }}" >> "$GITHUB_ENV"
+          python3 check_title.py "${ISSUE_TITLE//\"/\\\"}" >> "$GITHUB_ENV"
           cat $GITHUB_ENV
 
       - name: Check env