fix(ci): Prevent shell injection in commit message handling + failing console width test (#341)

Author: blanca-pablos

.github/workflows/build-native-only.yml

@@ -39,9 +39,12 @@ jobs:
             COMMIT_MESSAGE="${{ github.event.head_commit.message }}"
           fi
           # Export for use in other steps (multiline-safe)
-          echo "commit_message<<EOF" >> $GITHUB_OUTPUT
-          echo "$COMMIT_MESSAGE" >> $GITHUB_OUTPUT
-          echo "EOF" >> $GITHUB_OUTPUT
+          # Use printf with %s to avoid interpreting special characters
+          {
+            echo "commit_message<<EOF"
+            printf "%s\n" "$COMMIT_MESSAGE"
+            echo "EOF"
+          } >> $GITHUB_OUTPUT
 
   check-trigger-condition:
     runs-on: ubuntu-latest

.github/workflows/ci-cd.yml

@@ -52,9 +52,12 @@ jobs:
             COMMIT_MESSAGE='${{ github.event.head_commit.message }}'
           fi
           # Export for use in other steps (multiline-safe)
-          echo "commit_message<<EOF" >> $GITHUB_OUTPUT
-          echo "$COMMIT_MESSAGE" >> $GITHUB_OUTPUT
-          echo "EOF" >> $GITHUB_OUTPUT
+          # Use printf with %s to avoid interpreting special characters
+          {
+            echo "commit_message<<EOF"
+            printf "%s\n" "$COMMIT_MESSAGE"
+            echo "EOF"
+          } >> $GITHUB_OUTPUT
 
   lint:
     needs: [get-commit-message]

src/aignostics/utils/_console.py

@@ -24,6 +24,7 @@ def _get_console() -> Console:
             "error": "red1",
         }),
         width=int(os.environ.get("AIGNOSTICS_CONSOLE_WIDTH", "0")) or None,
+        legacy_windows=False,  # Modern Windows (10+) doesn't need width adjustment
     )