fix: Security: Fix 4 findings in GitHub Actions workflows

Author: jpr5

.github/workflows/commands.yml

@@ -17,9 +17,11 @@ jobs:
           fetch-depth: 0
 
       - name: Merge new commits from main
+        env:
+            GH_ACTOR: ${{ github.actor }}
         run: |
-          git config --global user.name '${{ github.actor }}'
-          git config --global user.email '${{ github.actor }}@users.noreply.github.com'
+          git config --global user.name '$GH_ACTOR'
+          git config --global user.email '$GH_ACTOR@users.noreply.github.com'
           git merge -X theirs origin/main -m "Merge main into this branch"
 
       - name: Rebuild the database
@@ -78,16 +80,20 @@ jobs:
           unzip -o /tmp/ext.zip -d ./extensions/${{ contains(github.event.issue.labels.*.name, '🔍 Reviewed extension') && 'reviewed' || 'community' }}
 
       - name: Rebuild the database
+        env:
+            GH_ACTOR: ${{ github.actor }}
         run: |
           npm i
           echo 'BUILD_LOGS<<EOF' >> $GITHUB_ENV
           node scripts/generate-extensions-registry.js --disable-exit-code >> $GITHUB_ENV
           echo 'EOF' >> $GITHUB_ENV
 
       - name: Setup git config
+        env:
+            GH_ACTOR: ${{ github.actor }}
         run: |
-          git config --global user.name '${{ github.actor }}'
-          git config --global user.email '${{ github.actor }}@users.noreply.github.com'
+          git config --global user.name '$GH_ACTOR'
+          git config --global user.email '$GH_ACTOR@users.noreply.github.com'
 
       - name: Check for changed file
         id: git-diff