Skip to content

Commit bc61dc5

Browse files
authored
Merge commit from fork
1 parent 5eb7ef2 commit bc61dc5

File tree

1 file changed

+3
-2
lines changed

1 file changed

+3
-2
lines changed

action.yaml

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -183,9 +183,10 @@ runs:
183183
local input_value="$2"
184184
local default_value="$3"
185185
186-
if [ ! -z "$input_value" ] && [ "$input_value" != "$default_value" ]; then
186+
if [ -n "$input_value" ] && [ "$input_value" != "$default_value" ]; then
187187
# If action was provided with explicit input by the caller set that
188-
echo "export $var_name=$input_value" >> trivy_envs.txt
188+
# Use printf %q to safely escape special characters and prevent command injection
189+
printf 'export %s=%q\n' "$var_name" "$input_value" >> trivy_envs.txt
189190
fi
190191
}
191192

0 commit comments

Comments
 (0)