Merge pull request #13 from sanger/develop

Y24-246 - Strings are safely escaped to avoid running backtick'd commands
sanger · Aug 21, 2024 · a201d65 · a201d65
2 parents d763313 + bd7bb97
commit a201d65
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 1 deletion.
diff --git a/.github/workflows/generate_issue_number.yml b/.github/workflows/generate_issue_number.yml
@@ -31,7 +31,7 @@ jobs:
         id: check_issue_title
         run: |
           ISSUE_TITLE="${{ github.event.issue.title }}"
-          if [[ "$ISSUE_TITLE" =~ ^Y[0-9]{2}-[0-9]{3,4} ]]; then
+          if [[ "$(printf '%q' "$ISSUE_TITLE")" =~ ^Y[0-9]{2}-[0-9]{3,4} ]]; then
             echo "VALID_TITLE=true" >> $GITHUB_OUTPUT
           else
             echo "VALID_TITLE=false" >> $GITHUB_OUTPUT

diff --git a/README.md b/README.md
@@ -24,3 +24,6 @@ A GitHub appication with the correct permissions will be needed. During the acti
 3) Generate Story Number: The current issue number is incremented during the script to avoid conflicts as much as possible. The incremented number is then concatenated with the prefix to form the story number.
 4) Update Organisation Variable: The incremented issue number is saved back to the organisation variable.
 5) Modify Issue Title: The issue title is updated so that the generated story number prefixes the original story title.
+
+
+> Note: Any issues made in this repository will use the action in the `develop` branch for testing (there will no longer be extreme panic when the action fails and stops working across the organisation (hopefully))