From 5d3bd74c866a83e0549c307351ecb4c21e00c0cc Mon Sep 17 00:00:00 2001 From: Zhiwei Liang Date: Tue, 14 Jul 2026 17:15:12 -0400 Subject: [PATCH] fix: prevent GitHub Actions script injection --- .github/workflows/integration_tests_pr.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/integration_tests_pr.yml b/.github/workflows/integration_tests_pr.yml index a79cd4219..b2b20b694 100644 --- a/.github/workflows/integration_tests_pr.yml +++ b/.github/workflows/integration_tests_pr.yml @@ -44,11 +44,12 @@ jobs: with: ref: ${{ inputs.sha }} - - run: make ARGS="-run ${{ inputs.module }}" fixtures + - run: make ARGS="-run $MODULE" fixtures if: ${{ inputs.module != '' && steps.disallowed-char-check.outputs.match == '' }} env: LINODE_TOKEN: ${{ secrets.DX_LINODE_TOKEN }} RUN_ACLP_LOGS_STREAM_TESTS: ${{ github.event.inputs.run_aclp_logs_stream_tests }} + MODULE: ${{ inputs.module }} - run: make fixtures if: ${{ inputs.module == '' }}