From 43ac81f1ac73bec65040f0b29137b5b11cdd56de Mon Sep 17 00:00:00 2001
From: Affaan Mustafa <affaan@dcube.ai>
Date: Tue, 31 Mar 2026 23:00:58 -0700
Subject: [PATCH] fix: harden reusable release tag validation

---
 .github/workflows/reusable-release.yml | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/reusable-release.yml b/.github/workflows/reusable-release.yml
index 8566c92e..2a7b5786 100644
--- a/.github/workflows/reusable-release.yml
+++ b/.github/workflows/reusable-release.yml
@@ -28,8 +28,10 @@ jobs:
           fetch-depth: 0
 
       - name: Validate version tag
+        env:
+          INPUT_TAG: ${{ inputs.tag }}
         run: |
-          if ! [[ "${{ inputs.tag }}" =~ ^v[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
+          if ! [[ "$INPUT_TAG" =~ ^v[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
             echo "Invalid version tag format. Expected vX.Y.Z"
             exit 1
           fi