Clearly document passing inputs to the `script` by joshmgross · Pull Request #603 · actions/github-script
-
Notifications
You must be signed in to change notification settings - Fork 571
Conversation
Copilot AI review requested due to automatic review settings
Hello from actions/github-script! (23886ca)
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Pull Request Overview
This PR clarifies how to safely pass inputs into the script step by using environment variables instead of inline Actions expressions, and highlights the security risks of script injection.
- Adds a new Passing inputs to the script section with example usage
- Removes the outdated Use env as input snippet further down in the README
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
