From 58fc32ea368c59f89fa1848bcc43d7a19af84cbe Mon Sep 17 00:00:00 2001
From: Raphael Salas <raphdev@users.noreply.github.com>
Date: Tue, 14 May 2024 20:16:37 +0000
Subject: [PATCH] fix(ci): move untrusted gh context to envvar

---
 .github/workflows/mergify-ready.yml | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/mergify-ready.yml b/.github/workflows/mergify-ready.yml
index 24476753084..604fb7f9dd2 100644
--- a/.github/workflows/mergify-ready.yml
+++ b/.github/workflows/mergify-ready.yml
@@ -57,11 +57,12 @@ jobs:
         with:
           fetch-depth: 0
       - shell: bash
+        env:
+          HEAD_SHA: ${{ github.event.pull_request.head.sha }}
+          HEAD_LABEL: ${{ github.event.pull_request.head.label }}
+          BASE_SHA: ${{ github.event.pull_request.base.sha }}
+          BASE_LABEL: ${{ github.event.pull_request.base.label }}
         run: |
-          HEAD_SHA=${{ github.event.pull_request.head.sha }}
-          HEAD_LABEL="${{ github.event.pull_request.head.label }}"
-          BASE_SHA=${{ github.event.pull_request.base.sha }}
-          BASE_LABEL="${{ github.event.pull_request.base.label }}"
           merge_commits=$(git rev-list --merges "$BASE_SHA".."$HEAD_SHA")
 
           if [ -n "$merge_commits" ]; then