From a9cf44334bb398dae7b8e42c765fac2e3c702302 Mon Sep 17 00:00:00 2001
From: Adam Dangoor
Date: Tue, 17 Mar 2026 08:19:22 +0000
Subject: [PATCH 1/3] Move release and tag version into env vars to prevent template injection
Made-with: Cursor
---
 .github/workflows/release.yml | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 8e655a8a0..1785c8fc1 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -49,8 +49,10 @@ jobs:
 - name: Get the changelog underline
 id: changelog_underline
+ env:
+ RELEASE: ${{ steps.calver.outputs.release }}
 run: |
- underline="$(echo "${{ steps.calver.outputs.release }}" | tr -c '\n' '-')"
+ underline="$(echo "$RELEASE" | tr -c '\n' '-')"
 echo "underline=${underline}" >> "$GITHUB_OUTPUT"
 - name: Update changelog
@@ -95,9 +97,11 @@ jobs:
 body: ${{ steps.tag_version.outputs.changelog }}
 - name: Build a binary wheel and a source tarball
+ env:
+ NEW_TAG: ${{ steps.tag_version.outputs.new_tag }}
 run: |
 git fetch --tags
- git checkout ${{ steps.tag_version.outputs.new_tag }}
+ git checkout "$NEW_TAG"
 uv build --sdist --wheel --out-dir dist/
 uv run --extra=release check-wheel-contents dist/*.whl
From 01e584b47c1409b9e96ce52d96674d092d8d8610 Mon Sep 17 00:00:00 2001
From: Adam Dangoor
Date: Tue, 17 Mar 2026 08:27:55 +0000
Subject: [PATCH 2/3] Enable template-injection rule in zizmor config
Made-with: Cursor
---
 zizmor.yml | 2 --
 1 file changed, 2 deletions(-)
diff --git a/zizmor.yml b/zizmor.yml
index fab119cb0..863db3458 100644
--- a/zizmor.yml
+++ b/zizmor.yml
@@ -10,5 +10,3 @@ rules:
 disable: true
 superfluous-actions:
 disable: true
- template-injection:
- disable: true
From fa2cb9adf1bec1b45e772a31303247313dff2698 Mon Sep 17 00:00:00 2001
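Review bot: `underline="$(echo "$RELEASE" | tr -c '\n' '-')"` on the new side still feeds the value to `echo`, whose handling of a value beginning with `-n`/`-e` or containing backslashes varies between shells; now that the value is plain data in an env var, `underline="$(printf '%s\n' "$RELEASE" | tr -c '\n' '-')"` gives the same underline without that dependency. The step-level `env:` is the right place for the expression, since the runner expands it before the shell starts and the value can no longer be interpreted as script text; a short comment above the step saying so, e.g. `# Expression output is passed via env so it is data, not script (template-injection)`, would stop a later edit from inlining it again. The same comment applies to the `NEW_TAG` env block in the second hunk of this file.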
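Review bot: `git checkout "$NEW_TAG"` is correctly quoted, but an unqualified name can still resolve to a branch of the same name, or be read as an option if a tag ever starts with `-`; `git checkout "refs/tags/$NEW_TAG"` pins the checkout to the tag namespace that the preceding `git fetch --tags` just populated. It is also worth failing with a clear message when the upstream output is empty, e.g. `: "${NEW_TAG:?tag_version produced no new_tag}"` before the checkout, since an empty variable would otherwise surface only as a git error about an empty argument. The `uv build` and `check-wheel-contents` lines below are unchanged context.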
From: Adam Dangoor
Date: Tue, 17 Mar 2026 08:31:58 +0000
Subject: [PATCH 3/3] Fix template-injection in Check steps
Made-with: Cursor
---
 .github/workflows/release.yml | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 1785c8fc1..9d0e5b258 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -66,8 +66,10 @@ jobs:
 regex: false
 - name: Check Update changelog was modified
+ env:
+ MODIFIED_FILES: ${{ steps.update_changelog.outputs.modifiedFiles }}
 run: |
- if [ "${{ steps.update_changelog.outputs.modifiedFiles }}" = "0" ]; then
+ if [ "$MODIFIED_FILES" = "0" ]; then
 echo "Error: No files were modified when updating changelog"
 exit 1
 fi
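Review bot: `if [ "$MODIFIED_FILES" = "0" ]; then` on the new side only catches an explicit `0`; if `steps.update_changelog.outputs.modifiedFiles` is unset or empty the variable expands to `""`, the comparison is false, and the step passes without the changelog update having been verified. Treating an empty value as zero closes that gap: `if [ "${MODIFIED_FILES:-0}" = "0" ]; then`. The error message and `exit 1` below it then cover both cases; whether an empty output can actually occur depends on the action that sets it, which is outside this hunk.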