From 15560f2d3265b3a8e3780622ddc9bd370e0067bc Mon Sep 17 00:00:00 2001
From: Roberto Gazia <r.gazia@arduino.cc>
Date: Mon, 27 Oct 2025 16:27:26 +0100
Subject: [PATCH] sec: fix script injection

---
 .github/workflows/calculate-size-delta.yml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/calculate-size-delta.yml b/.github/workflows/calculate-size-delta.yml
index 91905b5..e199789 100644
--- a/.github/workflows/calculate-size-delta.yml
+++ b/.github/workflows/calculate-size-delta.yml
@@ -29,8 +29,8 @@ jobs:
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         run: |
-          echo "Searching for PR from branch '${{ github.ref_name }}'..."
-          PR_NUMBER=$(gh pr list --state open --head "${{ github.ref_name }}" --json number --jq '.[0].number // empty')
+          echo "Searching for PR from branch ${GITHUB_REF_NAME}..."
+          PR_NUMBER=$(gh pr list --state open --head "${GITHUB_REF_NAME}" --json number --jq '.[0].number // empty')
           if [ -z "$PR_NUMBER" ]; then
             echo "Not found in current repo, searching across forks..."
             PR_NUMBER=$(gh pr list --state open --json number,headRefName,headRepositoryOwner --jq ".[] | select(.headRefName == \"${{ github.ref_name }}\") | .number" | head -n1)
@@ -148,4 +148,4 @@ jobs:
           echo ""
           echo "To view:"
           echo "1. Go to the 'build' job above"
-          echo "2. Scroll to the bottom to see the Job Summary"
\ No newline at end of file
+          echo "2. Scroll to the bottom to see the Job Summary"