Skip commit message suggestions for PRs from forked repositories (#2093)

rickie · web-flow · commit b7844010e6f5 · 2026-02-23T09:40:53.000+01:00
Because such workflow runs will fail due to unavailability of the 
relevant secrets. Working around this is nontrivial and a likely source
of security issues.
diff --git a/.github/workflows/suggest-commit-message.yml b/.github/workflows/suggest-commit-message.yml
@@ -29,6 +29,10 @@ env:
     registry.npmjs.org:443
 jobs:
   suggest:
+    # No commit message is suggested for code originating from forked
+    # repositories, as such workflow runs do not have access to the requisite
+    # secrets.
+    if: github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository
     permissions:
       contents: read
       pull-requests: write
