From 032ab142bd313e8d46617e796f879170856ee96a Mon Sep 17 00:00:00 2001 From: Desu Sai Venkat <48179357+desusai7@users.noreply.github.com> Date: Thu, 12 Sep 2024 15:20:30 +0530 Subject: [PATCH] ci: changed pull_request_target to pull_request and removed the authorize step (#796) # ci: changed pull_request_target to pull_request and removed the authorize step ### Checklist - [ ] All active GitHub checks for tests, formatting, and security are passing - [ ] The correct base branch is being used, if not the default branch --- .github/workflows/browserstack.yml | 9 +-------- .github/workflows/integration.yml | 11 +---------- .github/workflows/semgrep.yml | 11 +---------- .github/workflows/snyk.yml | 10 +--------- 4 files changed, 4 insertions(+), 37 deletions(-) diff --git a/.github/workflows/browserstack.yml b/.github/workflows/browserstack.yml index 5b5922eb..d136b1ba 100644 --- a/.github/workflows/browserstack.yml +++ b/.github/workflows/browserstack.yml @@ -3,7 +3,7 @@ name: Browserstack on: merge_group: workflow_dispatch: - pull_request_target: + pull_request: types: - opened - synchronize @@ -22,15 +22,8 @@ env: NODE_VERSION: 18 jobs: - authorize: - name: Authorize - environment: ${{ github.actor != 'dependabot[bot]' && github.event_name == 'pull_request_target' && github.event.pull_request.head.repo.full_name != github.repository && 'external' || 'internal' }} - runs-on: ubuntu-latest - steps: - - run: true browserstack: - needs: authorize # Require approval before running on forked pull requests name: BrowserStack Tests runs-on: ubuntu-latest diff --git a/.github/workflows/integration.yml b/.github/workflows/integration.yml index 38790846..1588248f 100644 --- a/.github/workflows/integration.yml +++ b/.github/workflows/integration.yml @@ -3,7 +3,7 @@ name: Integration Tests on: merge_group: workflow_dispatch: - pull_request_target: + pull_request: types: - opened - synchronize @@ -22,16 +22,7 @@ env: NODE_VERSION: 18 jobs: - - authorize: - name: Authorize - environment: ${{ github.actor != 'dependabot[bot]' && github.event_name == 'pull_request_target' && github.event.pull_request.head.repo.full_name != github.repository && 'external' || 'internal' }} - runs-on: ubuntu-latest - steps: - - run: true - test-examples: - needs: authorize # Require approval before running on forked pull requests name: Run example tests runs-on: ubuntu-latest diff --git a/.github/workflows/semgrep.yml b/.github/workflows/semgrep.yml index ea3fb0fe..4ebae219 100644 --- a/.github/workflows/semgrep.yml +++ b/.github/workflows/semgrep.yml @@ -2,7 +2,7 @@ name: Semgrep on: merge_group: - pull_request_target: + pull_request: types: - opened - synchronize @@ -21,16 +21,7 @@ concurrency: cancel-in-progress: ${{ github.ref != 'refs/heads/main' }} jobs: - authorize: - name: Authorize - environment: ${{ github.actor != 'dependabot[bot]' && github.event_name == 'pull_request_target' && github.event.pull_request.head.repo.full_name != github.repository && 'external' || 'internal' }} - runs-on: ubuntu-latest - steps: - - run: true - run: - needs: authorize # Require approval before running on forked pull requests - name: Check for Vulnerabilities runs-on: ubuntu-latest diff --git a/.github/workflows/snyk.yml b/.github/workflows/snyk.yml index 789de816..907a2776 100644 --- a/.github/workflows/snyk.yml +++ b/.github/workflows/snyk.yml @@ -3,7 +3,7 @@ name: Snyk on: merge_group: workflow_dispatch: - pull_request_target: + pull_request: types: - opened - synchronize @@ -22,15 +22,7 @@ concurrency: cancel-in-progress: ${{ github.ref != 'refs/heads/main' }} jobs: - authorize: - name: Authorize - environment: ${{ github.actor != 'dependabot[bot]' && github.event_name == 'pull_request_target' && github.event.pull_request.head.repo.full_name != github.repository && 'external' || 'internal' }} - runs-on: ubuntu-latest - steps: - - run: true - check: - needs: authorize name: Check for Vulnerabilities runs-on: ubuntu-latest