fix: use pull_request_target so AI triage has secret access on PRs
pull_request events from forks/branches cannot access repo secrets, causing 401 auth failures on every PR triage. pull_request_target runs in the base repo context. Safe because the workflow only reads event payload data and sparse-checks base branch docs — no PR code executes. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Lex Christopherson
parent
71c3b12e70
commit
2a87687483
1 changed files with 1 additions and 1 deletions
2
.github/workflows/ai-triage.yml
vendored
2
.github/workflows/ai-triage.yml
vendored
|
|
@ -3,7 +3,7 @@ name: AI Triage
|
|||
on:
|
||||
issues:
|
||||
types: [opened]
|
||||
pull_request:
|
||||
pull_request_target:
|
||||
types: [opened]
|
||||
|
||||
permissions:
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue