zizmor reveals "github.ref_name may expand into attacker-controllable code", should something else be used?

[MarcoGorelli]

Issue Description

If I run zizmor against the workflow in https://packaging.python.org/en/latest/guides/publishing-package-distribution-releases-using-github-actions-ci-cd-workflows/#the-whole-ci-cd-workflow, then it finds

89 |         # sigstore-produced signatures and certificates.
90 |         run: >-
   |  _______^
91 | |         gh release upload
92 | |         '${{ github.ref_name }}' dist/**
93 | |         --repo '${{ github.repository }}'
   | |__________________________________________^ github.ref_name may expand into attacker-controllable code

Should something else be recommended instead?

Code of Conduct

• I am aware that participants in this repository must follow the PSF Code of Conduct.

[ncoghlan]

zizmor's explanation of the reported problem: https://woodruffw.github.io/zizmor/audits/#template-injection (and explanation for why switching to the environment variable version fixes it: with the environment variables, the shell handles correctly quoting the injected text from the variable, whereas the template substitution version isn't escaped at all)