fix: pass user inputs via env vars to prevent shell/code injection

action.yml

@@ -35,8 +35,10 @@ runs:
         update-environment: false
 
     - id: cibw
+      # SECURITY: inputs.extras passed via env var to prevent interpolation into
+      # the Python heredoc, which would allow arbitrary code execution.
       env:
-        CIBW_ACTION_EXTRAS: ${{ inputs.extras }}
+        CIBW_EXTRAS_INPUT: ${{ inputs.extras }}
       run: |
         # Install cibuildwheel
         "${{ steps.python.outputs.python-path }}" -u << "EOF"
@@ -48,7 +50,7 @@ runs:
         from pathlib import Path
         from subprocess import run
 
-        EXTRAS = set(e.strip() for e in os.environ.get("CIBW_ACTION_EXTRAS", "").split(",") if e.strip())
+        EXTRAS = set(e.strip() for e in os.environ.get("CIBW_EXTRAS_INPUT", "").split(",") if e.strip())
 
 
         class EnvBuilder(venv.EnvBuilder):
@@ -99,34 +101,44 @@ runs:
       shell: bash
 
     # Redirecting stderr to stdout to fix interleaving issue in Actions.
+    # SECURITY: All user-controlled inputs passed via env vars to prevent shell
+    # injection through GitHub Actions expression interpolation.
     - env:
+        CIBW_BIN: ${{ steps.cibw.outputs.cibw-bin }}
+        CIBW_PREPEND_PATH: ${{ steps.cibw.outputs.prepend-path }}
         CIBW_PACKAGE_DIR: ${{ inputs.package-dir }}
         CIBW_OUTPUT_DIR: ${{ inputs.output-dir }}
         CIBW_CONFIG_FILE: ${{ inputs.config-file }}
         CIBW_ONLY: ${{ inputs.only }}
       run: |
-        export PATH="${{ steps.cibw.outputs.prepend-path }}:$PATH"
+        export PATH="${CIBW_PREPEND_PATH}:$PATH"
 
-        args=("${{ steps.cibw.outputs.cibw-bin }}" "$CIBW_PACKAGE_DIR")
-        [[ -n "$CIBW_OUTPUT_DIR"  ]] && args+=(--output-dir  "$CIBW_OUTPUT_DIR")
-        [[ -n "$CIBW_CONFIG_FILE" ]] && args+=(--config-file "$CIBW_CONFIG_FILE")
-        [[ -n "$CIBW_ONLY"        ]] && args+=(--only        "$CIBW_ONLY")
-        "${args[@]}" 2>&1
+        cmd=("${CIBW_BIN}" "${CIBW_PACKAGE_DIR}")
+        [[ -n "${CIBW_OUTPUT_DIR}" ]]  && cmd+=(--output-dir "${CIBW_OUTPUT_DIR}")
+        [[ -n "${CIBW_CONFIG_FILE}" ]] && cmd+=(--config-file "${CIBW_CONFIG_FILE}")
+        [[ -n "${CIBW_ONLY}" ]]        && cmd+=(--only "${CIBW_ONLY}")
+
+        "${cmd[@]}" 2>&1
       shell: bash
       if: runner.os != 'Windows'
 
     # Windows needs powershell to interact nicely with Meson
+    # SECURITY: All user-controlled inputs passed via env vars to prevent injection.
     - env:
+        CIBW_BIN: ${{ steps.cibw.outputs.cibw-bin }}
+        CIBW_PREPEND_PATH: ${{ steps.cibw.outputs.prepend-path }}
         CIBW_PACKAGE_DIR: ${{ inputs.package-dir }}
         CIBW_OUTPUT_DIR: ${{ inputs.output-dir }}
         CIBW_CONFIG_FILE: ${{ inputs.config-file }}
         CIBW_ONLY: ${{ inputs.only }}
       run: |
-        $env:PATH = "${{ steps.cibw.outputs.prepend-path }};$env:PATH"
-        $args = @($env:CIBW_PACKAGE_DIR)
-        if ($env:CIBW_OUTPUT_DIR)  { $args += "--output-dir",  $env:CIBW_OUTPUT_DIR }
-        if ($env:CIBW_CONFIG_FILE) { $args += "--config-file", $env:CIBW_CONFIG_FILE }
-        if ($env:CIBW_ONLY)        { $args += "--only",        $env:CIBW_ONLY }
-        & "${{ steps.cibw.outputs.cibw-bin }}" @args
+        $env:PATH = "${env:CIBW_PREPEND_PATH};$env:PATH"
+
+        $cmd = @("${env:CIBW_BIN}", "${env:CIBW_PACKAGE_DIR}")
+        if ($env:CIBW_OUTPUT_DIR)  { $cmd += "--output-dir";  $cmd += $env:CIBW_OUTPUT_DIR }
+        if ($env:CIBW_CONFIG_FILE) { $cmd += "--config-file"; $cmd += $env:CIBW_CONFIG_FILE }
+        if ($env:CIBW_ONLY)        { $cmd += "--only";        $cmd += $env:CIBW_ONLY }
+
+        & $cmd[0] $cmd[1..$cmd.Length]
       shell: pwsh
       if: runner.os == 'Windows'