From 23cfa849984baf9f41ae889b7e68e0a3766b4798 Mon Sep 17 00:00:00 2001
From: zhom <2717306+zhom@users.noreply.github.com>
Date: Tue, 2 Dec 2025 00:29:12 +0400
Subject: [PATCH] chore: prevent code injection

---
 .github/workflows/release-notes-generator.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/release-notes-generator.yml b/.github/workflows/release-notes-generator.yml
index b64a8cc..970dd4a 100644
--- a/.github/workflows/release-notes-generator.yml
+++ b/.github/workflows/release-notes-generator.yml
@@ -25,8 +25,8 @@ jobs:
         id: get-release
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          TAG_NAME: ${{ github.event.workflow_run.head_branch }}
         run: |
-          TAG_NAME="${{ github.event.workflow_run.head_branch }}"
           echo "tag-name=$TAG_NAME" >> $GITHUB_OUTPUT
 
           # Get release info by tag