From 7e762e7ae997ae4bc70cbbe2f724751cd84008c3 Mon Sep 17 00:00:00 2001
From: Arun <arunstar333@gmail.com>
Date: Sat, 2 Sep 2023 15:05:05 +0530
Subject: [PATCH] Fix commands injection in Github workflow (#9542)

---
 .github/workflows/test-bug-run-badge.yml | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/test-bug-run-badge.yml b/.github/workflows/test-bug-run-badge.yml
index cb1e60dce8..d60177fc93 100644
--- a/.github/workflows/test-bug-run-badge.yml
+++ b/.github/workflows/test-bug-run-badge.yml
@@ -13,9 +13,11 @@ jobs:
     steps:
       - name: Test badge test run conditions
         id: testCondition
+        env:
+          ISSUE_BODY: '${{ github.event.issue.body }}'
         run: |
-          product=$(echo "${{ github.event.issue.body }}" | grep -A2 "Are you experiencing an issue with.*" | tail -n 1)
-          link=$(echo "${{ github.event.issue.body }}" | grep -A2 "Link to the badge.*" | tail -n 1)
+          product=$(echo "$ISSUE_BODY" | grep -A2 "Are you experiencing an issue with.*" | tail -n 1)
+          link=$(echo "$ISSUE_BODY" | grep -A2 "Link to the badge.*" | tail -n 1)
 
           if [[ "$product" == "shields.io" && "$link" == "https://img.shields.io"* ]]; then
             echo "runNext=true" >> "$GITHUB_OUTPUT"
-- 
GitLab