Updating federation compatibility check to trigger on pull_request and use regular GITHUB_TOKEN. This eliminates potential security vulnerability on workflows triggered through pull_request_target event but has a drawback that comments from compatibility action will only work on PRs from origin (i.e. it will no longer be able to comment on PRs from forks).
Updating federation compatibility check to trigger on
pull_request
and use regularGITHUB_TOKEN
. This eliminates potential security vulnerability on workflows triggered throughpull_request_target
event but has a drawback that comments from compatibility action will only work on PRs from origin (i.e. it will no longer be able to comment on PRs from forks).