fix(security): autofix Template Injection in GitHub Workflows Action

aikido-autofix[bot] · triceo · commit ccfad2e79beb · 2026-04-24T15:02:46.000+02:00
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -73,13 +73,16 @@ jobs:
       # Technically, this goes against the main reason for doing a dry run; to eliminate potential problems.
       # But unless something catastrophic happened, PR checks on source branch already ensured that all tests pass.
       - name: Set release version and build release
+        env:
+          VERSION: ${{ github.event.inputs.version }}
+          DRY_RUN: ${{ github.event.inputs.dryRun }}
         run: |
-          ./mvnw -Dfull versions:set -DnewVersion=${{ github.event.inputs.version }}
-          ./mvnw -Dfull deploy -DskipTests=${{ github.event.inputs.dryRun }} -DaltDeploymentRepository=local::default::file://`pwd`/target/staging-deploy
+          ./mvnw -Dfull versions:set -DnewVersion=$VERSION
+          ./mvnw -Dfull deploy -DskipTests=$DRY_RUN -DaltDeploymentRepository=local::default::file://`pwd`/target/staging-deploy
           cp docs/target/antora.yml docs/src/antora.yml
           git add docs/src/antora.yml
           find . -name 'pom.xml' | xargs git add
-          git commit -m "build: release version ${{ github.event.inputs.version }}"
+          git commit -m "build: release version $VERSION"
           git push origin $RELEASE_BRANCH_NAME
 
       - name: Run JReleaser
