CI-hardening: escape the msys2-location output

While that comes from our own action, so we can in theory trust it, escape it for good measure. Can't hurt and silences a warning.
2024-12-06 13:47:33 +01:00 · 2024-12-06 13:47:33 +01:00 · 7eed3d8bc1
commit 7eed3d8bc1
parent 7c78444174
1 changed files with 2 additions and 1 deletions
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@ -177,7 +177,8 @@ jobs:
        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        GITHUB_TOKEN_READONLY: ${{ secrets.GITHUBTOKENREADONLY }}
        GITHUB_RUN_NAME: ${{ matrix.name }}
+        MSYS2_ROOT: ${{ steps.msys2.outputs.msys2-location }}
      run: |
        $env:VCPKG_ROOT=''
        $BUILD_ROOT='C:\'
-        python -m msys2_autobuild build ${{ matrix.build-args }} '${{ steps.msys2.outputs.msys2-location }}' "$BUILD_ROOT"
+        python -m msys2_autobuild build ${{ matrix.build-args }} "$env:MSYS2_ROOT" "$BUILD_ROOT"