Skip to content

Sanitizing Quotes in PR Titles #27065

Discussion options

You must be logged in to vote

I don’t think there’s a built-in way to do that. What I’d do is read the file github.event_path points at with a JSON parser and sanitize the fields from there, without first having to pass the strings through the shell (or any other programming language).

For example, to get a shell-escaped version of the pull request title using Python in the PR_TITLE environment variable:

      - name: escape pull request title
        run: |
          import json
          import os
          import shlex
          with open('${{ github.event_path }}') as fh:
              event = json.load(fh)
          escaped = shlex.quote(event['pull_request']['title'])
          with open(os.environ['GITHUB_ENV']…

Replies: 7 comments 1 reply

Comment options

You must be logged in to vote
0 replies
Answer selected
Comment options

You must be logged in to vote
0 replies
Comment options

You must be logged in to vote
0 replies
Comment options

You must be logged in to vote
0 replies
Comment options

You must be logged in to vote
0 replies
Comment options

You must be logged in to vote
0 replies
Comment options

You must be logged in to vote
1 reply
@rbals0445
Comment options

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Actions Build, test, and automate your deployment pipeline with world-class CI/CD Product Feedback
5 participants