[Issue]: Apply CI output escaping to infrastructure and tooling scripts #366

@WilliamBerryiii

Issue Description

Apply ConvertTo-GitHubActionsEscaped from CIHelpers module to infrastructure and tooling scripts that emit workflow commands. This prevents workflow command injection when user-controlled data appears in CI output.

Files to update:

  • .github/workflows/dependency-pinning-scan.yml
  • scripts/dev-tools/Generate-PrReference.ps1
  • scripts/extension/Package-Extension.ps1
  • scripts/extension/Prepare-Extension.ps1
  • scripts/lib/Get-VerifiedDownload.ps1

Additional Context

Related to PR #354 which introduced the CIHelpers module with escape functions. These files span workflow definitions, extension packaging, PR tooling, and the verified download library.
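
The escaping this issue asks for, as an added example that is not part of the issue or the CIHelpers module: the function names are hypothetical, and the encoding rules are the ones the GitHub Actions toolkit applies to workflow command data and properties. It shows how an unescaped line break lets input begin a second command line, and how encoding keeps the output on one line.

```powershell
# Added illustration. Function names are hypothetical; this is not the
# CIHelpers module's ConvertTo-GitHubActionsEscaped implementation.

function ConvertTo-EscapedCommandData {
    param([string]$Value)
    # '%' must be encoded first so the later replacements are not double-encoded.
    $Value.Replace('%', '%25').Replace("`r", '%0D').Replace("`n", '%0A')
}

function ConvertTo-EscapedCommandProperty {
    param([string]$Value)
    # Property values are also delimited by ':' and ',', so those are encoded too.
    (ConvertTo-EscapedCommandData $Value).Replace(':', '%3A').Replace(',', '%2C')
}

function Format-WarningCommand {
    param([string]$File, [string]$Message, [switch]$Escape)
    if ($Escape) {
        $File    = ConvertTo-EscapedCommandProperty $File
        $Message = ConvertTo-EscapedCommandData $Message
    }
    # -f is used instead of "$File::..." to avoid any variable-parsing ambiguity.
    '::warning file={0}::{1}' -f $File, $Message
}

# Constructed sample: a value taken from untrusted input (for example a file
# name or a PR title) that carries a line break and a second workflow command.
$untrusted = "checksum mismatch`n::notice::line injected by input"

$raw  = Format-WarningCommand -File 'pkg,v1:final.zip' -Message $untrusted
$safe = Format-WarningCommand -File 'pkg,v1:final.zip' -Message $untrusted -Escape

# The runner reads stdout line by line, so count the lines each form produces.
'unescaped lines: {0}' -f ($raw  -split "`n").Count
'escaped lines:   {0}' -f ($safe -split "`n").Count

# The escaped form is a single workflow command with the input carried as data.
$safe
```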

Metadata

Labels: needs-triage (Requires triage and prioritization)
