actionlint reports two info-level SC2086 warnings against .github/workflows/ci.yml line 33:
.github/workflows/ci.yml:33:9: shellcheck reported issue in this script: SC2086:info:2:35: Double quote to prevent globbing and word splitting [shellcheck]
.github/workflows/ci.yml:33:9: shellcheck reported issue in this script: SC2086:info:2:71: Double quote to prevent globbing and word splitting [shellcheck]
The offending line:
lima git clone --depth 1 --branch $GITHUB_REF_NAME https://github.com/$GITHUB_REPOSITORY.git /tmp/ar
$GITHUB_REF_NAME and $GITHUB_REPOSITORY should be double-quoted to prevent word splitting and globbing:
lima git clone --depth 1 --branch "$GITHUB_REF_NAME" "https://github.com/$GITHUB_REPOSITORY.git" /tmp/ar
In practice these variables do not contain spaces or glob characters in the current CI context, but the shellcheck hygiene should match.
Acceptance
Scope
Small single-line fix. Suggest a dedicated PR with commit:
ci: quote variables in lima clone command (SC2086)
Split out from the CHANGELOG enforcement PR to keep that PR's narrative focused. Filed per maintainer direction during CHANGELOG enforcement PR review.
actionlintreports two info-level SC2086 warnings against.github/workflows/ci.ymlline 33:The offending line:
$GITHUB_REF_NAMEand$GITHUB_REPOSITORYshould be double-quoted to prevent word splitting and globbing:In practice these variables do not contain spaces or glob characters in the current CI context, but the shellcheck hygiene should match.
Acceptance
actionlint .github/workflows/ci.ymlexits 0Scope
Small single-line fix. Suggest a dedicated PR with commit:
Split out from the CHANGELOG enforcement PR to keep that PR's narrative focused. Filed per maintainer direction during CHANGELOG enforcement PR review.