⚠️[Security fix] - Code injection and unsafe code execution (#2)

- Fixing #9 , by [using an intermediate environment
variable](https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-an-intermediate-environment-variable).
- Fixing #10 , by changing the workflow to trigger on
[pull_request_target](https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#pull_request_target)

Author: MariusStorhaug

.github/workflows/Auto-Release.yml

@@ -1,7 +1,7 @@
 name: Auto-Release
 
 on:
-  pull_request:
+  pull_request_target:
     branches:
       - main
     types:

.github/workflows/Linter.yml

@@ -1,7 +1,9 @@
 name: Linter
 
 on:
-  pull_request:
+  pull_request_target:
+    branches:
+      - main
 
 jobs:
   Lint:

README.md

@@ -5,6 +5,7 @@ Automatically creates releases based on pull requests and labels.
 ## Specifications and practices
 
 Auto-Release follows:
+Test
 
 - [SemVer 2.0.0 specifications](https://semver.org)
 - [GitHub Flow specifications](https://docs.github.com/en/get-started/using-github/github-flow)

action.yml

@@ -24,6 +24,13 @@ runs:
   steps:
     - name: Auto-Release
       shell: pwsh
+      env:
+        GITHUB_CONTEXT: ${{ toJson(github) }}
+        JOB_CONTEXT: ${{ toJson(job) }}
+        RUNNER_CONTEXT: ${{ toJson(runner) }}
+        AutoPatching: ${{ inputs.AutoPatching }}
+        IncrementalPrerelease: ${{ inputs.IncrementalPrerelease }}
+        VersionPrefix: ${{ inputs.VersionPrefix }}
       run: |
         # Auto-Release
         Write-Host "::group::Utilities"
@@ -43,9 +50,21 @@ runs:
         Get-ChildItem -Path Env: | Select-Object Name, Value | Sort-Object Name | Format-Table -AutoSize
         Write-Host '::endgroup::'
 
-        $autoPatching = '${{ inputs.AutoPatching }}' -eq 'true'
-        $incrementalPrerelease = '${{ inputs.IncrementalPrerelease }}' -eq 'true'
-        $versionPrefix = '${{ inputs.VersionPrefix }}'
+        Write-Host "::group::GitHub context"
+        Write-Host $env:GITHUB_CONTEXT
+        Write-Host '::endgroup::'
+
+        Write-Host "::group::Job context"
+        Write-Host $env:JOB_CONTEXT
+        Write-Host '::endgroup::'
+
+        Write-Host "::group::Runner context"
+        Write-Host $env:RUNNER_CONTEXT
+        Write-Host '::endgroup::'
+
+        $autoPatching = $env:AutoPatching -eq 'true'
+        $incrementalPrerelease = $env:IncrementalPrerelease -eq 'true'
+        $versionPrefix = $env:VersionPrefix
         Write-Host "-------------------------------------------------"
         Write-Host "Auto patching enabled:          [$autoPatching]"
         Write-Host "Incremental prerelease enabled: [$autoPatching]"