From 3e36891904e90e84223efc7af2c1c7023a8dd181 Mon Sep 17 00:00:00 2001
From: fkwp <github-fkwp@w4ve.de>
Date: Thu, 12 Mar 2026 09:49:19 +0100
Subject: [PATCH] improve comments

---
 .github/workflows/publish-embedded-packages.yaml | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/publish-embedded-packages.yaml b/.github/workflows/publish-embedded-packages.yaml
index 349569c9..8ea58ff5 100644
--- a/.github/workflows/publish-embedded-packages.yaml
+++ b/.github/workflows/publish-embedded-packages.yaml
@@ -22,9 +22,10 @@ jobs:
       TAG: ${{ steps.tag.outputs.TAG }}
     steps:
       - name: Calculate VERSION
-        # We should only use the hard coded test value for a dry run
+        # Safely store dynamic values in environment variables 
+        # to prevent shell injection (template-injection)
         run: |
-          # Die Logik wird nun innerhalb der Shell mit den Variablen ausgeführt
+          # The logic is executed within the shell using the env variables
           if [ "$EVENT_NAME" = "release" ]; then
             echo "VERSION=$RELEASE_TAG" >> "$GITHUB_ENV"
           else