chore: prevent untrusted code execution in commit checks (#888)

Signed-off-by: Nathanael DEMACON <ndemacon@scaleway.com>

Author: quantumsheep

.github/workflows/check-pull-request.yml

@@ -19,11 +19,13 @@ jobs:
       - run: pnpm install
       - name: Check title
         run: |
-          title="${{ github.event.pull_request.title }}"
-          title_escaped=${title//\'/\'}
+          title=$(cat <<- "EOF"
+          ${{ github.event.pull_request.title }}
+          EOF
+          )
           if [ "$title" == "feat: update generated APIs" ]; then
             echo "Invalid title."
             exit 1
           else
-            echo "$title_escaped" | pnpm commitlint
+            echo "$title" | pnpm commitlint
           fi