From f53c5cf532e767cd85eaee675dda53808b83e9b0 Mon Sep 17 00:00:00 2001 From: Kyle Mestery Date: Thu, 14 Jul 2022 10:44:47 -0500 Subject: [PATCH] first-interaction: Fix repository issues Per [1], we need to use pull_request_target instead of pull_request here. The tl;dr is that this runs as the *users* credentials, but they may not have access to the repo. See also [2]. [1] https://securitylab.github.com/research/github-actions-preventing-pwn-requests/ [2] https://github.com/actions/first-interaction/issues/31 Signed-off-by: Kyle Mestery --- .github/workflows/first-interaction.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/first-interaction.yml b/.github/workflows/first-interaction.yml index ba799be5..38eb58b2 100644 --- a/.github/workflows/first-interaction.yml +++ b/.github/workflows/first-interaction.yml @@ -3,7 +3,7 @@ name: 'First Interaction' on: issues: types: [ opened ] - pull_request: + pull_request_target: branches: [ main ] workflow_dispatch: