Verify analysis-name for security

Author: JohT

.github/workflows/public-analyze-code-graph.yml

@@ -120,6 +120,12 @@ jobs:
       - name: Assure that either artifacts-upload-name or maven-artifacts or sources-upload-name or source-repository is set
         if: inputs.artifacts-upload-name == '' && inputs.maven-artifacts == ''  && inputs.sources-upload-name == '' && inputs.source-repository == ''
         run: echo "Please specify either the input parameter 'artifacts-upload-name' or 'maven-artifacts' or 'sources-upload-name' or 'source-repository'."; exit 1
+      - name: Verify analysis-name only consists of characters safe for folder names
+        run: |
+          if [[ ! "${{ inputs.analysis-name }}" =~ ^[A-Za-z0-9._-]+$ ]]; then
+            echo "The analysis-name '${{ inputs.analysis-name }}' contains invalid characters. Only alphanumeric characters, dots (.), underscores (_) and hyphens (-) are allowed."
+            exit 1
+          fi
 
       - name: Assemble ENVIRONMENT_INFO
         run: echo "ENVIRONMENT_INFO=java-${{ matrix.java }}-python-${{ matrix.python }}-miniforge-${{ matrix.miniforge }}" >> $GITHUB_ENV