diff --git a/.github/workflows/auto-author-assign.yaml b/.github/workflows/auto-author-assign.yaml index f418245..30c79b8 100644 --- a/.github/workflows/auto-author-assign.yaml +++ b/.github/workflows/auto-author-assign.yaml @@ -1,7 +1,11 @@ --- name: "Auto Author Assign" +# Uses pull_request_target so the assign step gets a read-write token on fork +# PRs (pull_request hands forks a read-only token, which makes the assignees +# API call fail). Safe here: the workflow never checks out or executes PR-head +# code, it only assigns the author via the API from the event payload. on: - pull_request: + pull_request_target: types: [opened, reopened, synchronize] permissions: contents: read diff --git a/.github/workflows/mark-ready-when-ready.yml b/.github/workflows/mark-ready-when-ready.yml index fde2354..2825bfe 100644 --- a/.github/workflows/mark-ready-when-ready.yml +++ b/.github/workflows/mark-ready-when-ready.yml @@ -1,7 +1,13 @@ name: Mark PR Ready When Ready +# Uses pull_request_target so the mark-ready step gets a read-write token on +# fork PRs (pull_request hands forks a read-only token, so contents: write is +# denied and the job fails). Safe here: the workflow never checks out or +# executes PR-head code. The action reads the PR number, draft flag, labels, +# and head SHA from the event payload and acts only via the API, so running in +# the base-repo context does not evaluate any untrusted code. on: - pull_request: + pull_request_target: types: [opened, edited, labeled, unlabeled, synchronize] permissions: