From 33e827c6ccbcf6b09633571814b93c7377dbd961 Mon Sep 17 00:00:00 2001
From: Joachim Jablon <ewjoachim@gmail.com>
Date: Tue, 12 Mar 2024 16:21:38 +0100
Subject: [PATCH] Security considerations: ids are strings, not integers (#400)

Fix doc regarding using assertion on IDs rather than names. They refer
to IDs as integers, where those are actually strings, so we need to
quote them.

I lost too many hours on this to let anyone else experience the same
issue :D

Signed-off-by: Joachim Jablon <ewjoachim@gmail.com>
---
 docs/SECURITY_CONSIDERATIONS.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/SECURITY_CONSIDERATIONS.md b/docs/SECURITY_CONSIDERATIONS.md
index 0a2120a0..9cb3ad44 100644
--- a/docs/SECURITY_CONSIDERATIONS.md
+++ b/docs/SECURITY_CONSIDERATIONS.md
@@ -40,7 +40,7 @@ curl -sfL -H "Accept: application/json" "https://api.github.com/repos/${REPO}" |
 These can be used in an Attribute Condition:
 
 ```cel
-assertion.repository_owner_id == 1342004 && assertion.repository_id == 260064828
+assertion.repository_owner_id == '1342004' && assertion.repository_id == '260064828'
 ```
 
 [cybersquatting]: https://en.wikipedia.org/wiki/Cybersquatting