From 83b1b63d22d95f3c937f332c6b8f97cf88e04a67 Mon Sep 17 00:00:00 2001
From: Carlo Cabrera <30379873+carlocab@users.noreply.github.com>
Date: Mon, 19 Aug 2024 15:02:32 +0800
Subject: [PATCH] workflows: set `type: number` where applicable

Inputs seem to support `type: number` now[^1], so we should use them
where we can to improve the type-safety of these workflows and to
minimise our exposure to workflow injection.

[^1]: https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/accessing-contextual-information-about-workflow-runs#inputs-context
---
 .github/workflows/create-replacement-pr.yml  | 1 +
 .github/workflows/dispatch-build-bottle.yml  | 4 +++-
 .github/workflows/dispatch-rebottle.yml      | 4 +++-
 .github/workflows/publish-commit-bottles.yml | 1 +
 4 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/create-replacement-pr.yml b/.github/workflows/create-replacement-pr.yml
index be167025f6f9..93c518c93a29 100644
--- a/.github/workflows/create-replacement-pr.yml
+++ b/.github/workflows/create-replacement-pr.yml
@@ -10,6 +10,7 @@ on:
     inputs:
       pull_request:
         description: Pull request number
+        type: number
         required: true
       autosquash:
         description: "Squash pull request commits according to Homebrew style? (default: true)"
diff --git a/.github/workflows/dispatch-build-bottle.yml b/.github/workflows/dispatch-build-bottle.yml
index 0075402fe41a..a1c48c61894d 100644
--- a/.github/workflows/dispatch-build-bottle.yml
+++ b/.github/workflows/dispatch-build-bottle.yml
@@ -13,10 +13,12 @@ on:
         required: true
       timeout:
         description: "Build timeout (in minutes, default: 60 minutes)"
-        default: "60"
+        type: number
+        default: 60
         required: false
       issue:
         description: Issue number, where comment on failure would be posted
+        type: number
         required: false
       upload:
         description: "Upload built bottles? (default: false)"
diff --git a/.github/workflows/dispatch-rebottle.yml b/.github/workflows/dispatch-rebottle.yml
index 9dc49b392529..fa5dfa33245b 100644
--- a/.github/workflows/dispatch-rebottle.yml
+++ b/.github/workflows/dispatch-rebottle.yml
@@ -10,10 +10,12 @@ on:
         required: true
       timeout:
         description: "Build timeout (in minutes, default: 60 minutes)"
-        default: "60"
+        type: number
+        default: 60
         required: false
       issue:
         description: Issue number, where comment on failure would be posted
+        type: number
         required: false
       upload:
         description: "Upload built bottles? (default: false)"
diff --git a/.github/workflows/publish-commit-bottles.yml b/.github/workflows/publish-commit-bottles.yml
index d1a92ecdacc8..c44fdb5a0fc8 100644
--- a/.github/workflows/publish-commit-bottles.yml
+++ b/.github/workflows/publish-commit-bottles.yml
@@ -11,6 +11,7 @@ on:
     inputs:
       pull_request:
         description: Pull request number
+        type: number
         required: true
       large_runner:
         description: "Run the upload job on a large runner? (default: false)"