Combine PRs security fix

Question

Closed this issue 3 years ago · 0 comments

I'm the maintainer of https://github.com/hrvey/combine-prs-workflow and we just made a new release - https://github.com/hrvey/combine-prs-workflow/releases/tag/1.2.0 - to fix a potential injection attack based on a PR with a malicious branch name. I wanted to let you know since a GitHub search showed me you're using a prior version.