Skip to content

chore: Replace pull_request_target with pull_request in PR title validation#2457

Merged
kodiakhq[bot] merged 1 commit intomainfrom
chore/replace-pull-request-target
Mar 25, 2026
Merged

chore: Replace pull_request_target with pull_request in PR title validation#2457
kodiakhq[bot] merged 1 commit intomainfrom
chore/replace-pull-request-target

Conversation

@erezrokah
Copy link
Member

@erezrokah erezrokah commented Mar 25, 2026

Replace pull_request_target with pull_request to reduce attack surface. The semantic PR title action only reads the event payload, so elevated permissions are not needed.

Copilot AI review requested due to automatic review settings March 25, 2026 14:03
Copilot AI reviewed Mar 25, 2026
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Updates the PR title validation GitHub Actions workflow to run on the pull_request event instead of pull_request_target, reducing exposure to elevated pull_request_target permissions while still validating PR titles.

Changes:

  • Switch workflow trigger from pull_request_target to pull_request for PR title validation.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@kodiakhq kodiakhq bot merged commit f891f73 into main Mar 25, 2026
14 checks passed
@kodiakhq kodiakhq bot deleted the chore/replace-pull-request-target branch March 25, 2026 16:18
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@disq disq disq approved these changes

Assignees

No one assigned

Labels

automerge

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@erezrokah @disq