From ce94f641135ad858d36d02d1feefaae4c6db8a19 Mon Sep 17 00:00:00 2001
From: Martin Stefcek <gcifko@gmail.com>
Date: Wed, 20 Jul 2022 17:08:39 +0200
Subject: [PATCH] fix: prevent code injection

---
 .github/workflows/pr_title.yml | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/pr_title.yml b/.github/workflows/pr_title.yml
index dd7905d1b2..307b4e678a 100644
--- a/.github/workflows/pr_title.yml
+++ b/.github/workflows/pr_title.yml
@@ -17,4 +17,6 @@ jobs:
           echo "module.exports = {extends: ['@commitlint/config-conventional']}" > commitlint.config.js
       - name: lint
         run: |
-          echo "${{github.event.pull_request.title}}" | commitlint
+          echo "$PR_TITLE" | commitlint
+        env:
+          PR_TITLE: ${{github.event.pull_request.title}}