diff --git a/.github/workflows/__call-update-flathub-repo.yml b/.github/workflows/__call-update-flathub-repo.yml index 86a8726c..dc7182f0 100644 --- a/.github/workflows/__call-update-flathub-repo.yml +++ b/.github/workflows/__call-update-flathub-repo.yml @@ -130,15 +130,34 @@ jobs: if: >- steps.check-label.outputs.hasTopic == 'true' && steps.check-release.outputs.isLatestRelease == 'true' + env: + CHANGELOG: ${{ github.event.release.body }} run: | + # Set the metainfo file and placeholder generated by the release asset. xml_file="flathub/${{ env.FLATHUB_PKG }}/${{ env.FLATHUB_PKG }}.metainfo.xml" + placeholder="" + + # Treat replacement text literally during Bash parameter substitutions. + shopt -u patsub_replacement 2>/dev/null || true + + # Escape XML-sensitive characters from the release body. + changelog="${CHANGELOG:-}" + changelog="${changelog//&/&}" + changelog="${changelog///>}" + + # Read the full metainfo file, preserving newlines. + IFS= read -r -d '' contents < "$xml_file" || true - # Extract release information - changelog="${{ github.event.release.body }}" && changelog="${changelog//&/&}" && \ - changelog="${changelog///>}" + # Fail clearly if the generated metainfo file no longer has the expected marker. + if [[ "$contents" != *"$placeholder"* ]]; then + echo "$placeholder not found in $xml_file" + exit 1 + fi - # Replace changelog placeholder with actual changelog - sed -i "s||$changelog|g" "$xml_file" + # Replace the placeholder with the escaped changelog and write the file back. + contents="${contents//$placeholder/$changelog}" + printf '%s' "$contents" > "$xml_file" - name: Update submodule if: >-
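Review bot: The `xml_file=` line in the `run:` script still splices `${{ env.FLATHUB_PKG }}` into the shell source before Bash parses it, which is the same template-injection pattern this change removes for the release body by passing it through `CHANGELOG`. A value in the `env` context is also exported to the step, so the line can read `xml_file="flathub/${FLATHUB_PKG}/${FLATHUB_PKG}.metainfo.xml"`; where `FLATHUB_PKG` is set lies outside this hunk, so whether it can ever carry caller-controlled text needs confirming. Separately, `IFS= read -r -d '' contents < "$xml_file" || true` also swallows a missing or unreadable file, which then surfaces only as the placeholder-not-found message; a preceding `[[ -r "$xml_file" ]]` check with its own error would make the two failures distinguishable. The step's `name:` line sits above the hunk, so the rest of its configuration is not visible here.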