This is an automated email from the ASF dual-hosted git repository.
pcongiusti pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/camel.git
The following commit(s) were added to refs/heads/main by this push:
new 4cc8b48c1d9f fix(ci): avoid potential PR injection
4cc8b48c1d9f is described below
commit 4cc8b48c1d9f680637bdea461d1092556bba977c
Author: Pasquale Congiusti <[email protected]>
AuthorDate: Fri Jan 9 09:41:57 2026 +0100
fix(ci): avoid potential PR injection
---
.github/workflows/pr-comment.yml | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/.github/workflows/pr-comment.yml b/.github/workflows/pr-comment.yml
index 35ae09fe29e8..666d6deb21e9 100644
--- a/.github/workflows/pr-comment.yml
+++ b/.github/workflows/pr-comment.yml
@@ -20,7 +20,7 @@ name: PR Comment Build
on:
issue_comment:
types: [created]
-permissions:
+permissions:
contents: read
jobs:
@@ -74,11 +74,13 @@ jobs:
java-version: ${{ matrix.java }}
cache: 'maven'
- id: test
+ env:
+ comment_body: ${{ github.event.comment.body }}
name: Component test execution
uses: ./.github/actions/component-test
with:
run-id: ${{ github.run_id }}
pr-id: ${{ github.event.issue.number }}
comment-id: ${{ github.event.comment.id }}
- comment-body: ${{ github.event.comment.body }}
+ comment-body: ${{ env.comment_body }}
artifact-upload-suffix: java-${{ matrix.java }}
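Review bot: Routing `github.event.comment.body` through `env.comment_body` on the `test` step does not change the string that reaches the `comment-body` input, because `${{ env.comment_body }}` under `with:` is still expanded by the expression engine and no shell parses it at this point, before or after the change. Whether the injection is closed depends on `./.github/actions/component-test`, which is not part of this diff: if a `run:` step there interpolates `${{ inputs.comment-body }}` into its script, commenter-controlled text is still parsed as shell. The binding belongs on that run step, e.g. an `env:` entry `COMMENT_BODY: ${{ inputs.comment-body }}` with the script reading only `"$COMMENT_BODY"`. Since `issue_comment` fires for any commenter, it is also worth confirming that the job, whose definition starts outside this hunk, checks the comment author's association before this step runs.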