fix(workflow): update commit message validation to use pull_request event

Author: Thels

.github/workflows/validate-commit-messages.yml

@@ -2,24 +2,18 @@ name: Validate Commit Messages
 
 permissions:
   contents: read
-  pull-requests: write
-  issues: write
 
 on:
-  pull_request_target:
+  pull_request:
     types: [opened, edited, synchronize]
 
 jobs:
   commitlint:
     runs-on: ubuntu-latest
-    # Security: Only run on events we trust (not from untrusted forks doing malicious things)
-    if: github.event_name == 'pull_request_target' && github.event.action != 'closed'
     steps:
       - name: Checkout code
         uses: actions/checkout@v4
         with:
-          # For pull_request_target, we need to explicitly checkout the PR head
-          ref: ${{ github.event.pull_request.head.sha }}
           fetch-depth: 0
 
       - name: Setup Node.js
@@ -31,86 +25,13 @@ jobs:
       - name: Install dependencies
         run: npm ci
 
-      - name: Validate current commit (last commit)
-        id: commitlint-last
-        run: npx commitlint --from HEAD~1 --to HEAD --verbose
-        continue-on-error: true
-
       - name: Validate all commits in PR
-        id: commitlint-pr
-        run: npx commitlint --from ${{ github.event.pull_request.base.sha }} --to HEAD --verbose
-        continue-on-error: true
-
-      - name: Comment PR with commit guidelines (on failure)
-        if: steps.commitlint-last.outcome == 'failure' || steps.commitlint-pr.outcome == 'failure'
-        uses: actions/github-script@v7
-        continue-on-error: true
-        with:
-          script: |
-            try {
-              const message = `## 🚨 Commit Message Validation Failed
-
-              Your commit messages don't follow our conventional commit format. Here's what you need to know:
-
-              ### ✅ Valid Commit Format
-              \`\`\`
-              <type>(<scope>): <description>
-
-              [optional body]
-
-              [optional footer(s)]
-              \`\`\`
-
-              ### 📋 Required Elements
-              - **type**: The kind of change (feat, fix, docs, style, refactor, test, chore, etc.)
-              - **scope**: The module affected (optional but recommended - can be auto-detected)
-              - **description**: A short description of the change (lowercase, no period at the end)
-
-              ### 🎯 Examples of Good Commits
-              \`\`\`
-              feat(cli): add semantic versioning support
-              fix(shared): resolve validation error for empty schemas
-              docs: update installation instructions
-              chore(deps): update typescript to version 5.8.3
-              test(cli): add unit tests for version command
-              \`\`\`
-
-              ### 🔄 Why We Use Conventional Commits
-              - **Automated Versioning**: We use semantic-release to automatically determine version bumps
-              - **Changelog Generation**: Commit messages become our release notes
-              - **Better Collaboration**: Clear, consistent commit history helps everyone understand changes
-              - **Selective Releases**: Only CLI-scoped commits trigger CLI releases
-              - **Scope Auto-detection**: We provide tools to help detect the right scope from your changes
-
-              ### 🛠️ How to Fix
-              1. **Rewrite your commit messages** using \`git rebase -i\`
-              2. **Use the correct format** shown above
-              3. **Consider adding scope** for better organization (use \`./commit-helper.sh\` for suggestions)
-              4. **Keep descriptions lowercase** and without trailing periods
-
-              ### 🔧 Version Impact (CLI only)
-              - \`fix(cli):\` → PATCH release (1.0.1)
-              - \`feat(cli):\` → MINOR release (1.1.0)  
-              - \`feat(cli)!:\` or \`BREAKING CHANGE:\` → MAJOR release (2.0.0)
-              - \`fix(shared):\` → No CLI release (affects shared module only)
-
-              Please update your commits and push again. Thank you! 🙏`;
-
-              await github.rest.issues.createComment({
-                issue_number: context.issue.number,
-                owner: context.repo.owner,
-                repo: context.repo.repo,
-                body: message
-              });
-              
-              console.log('✅ Successfully posted commit guidelines comment');
-            } catch (error) {
-              console.log('⚠️ Could not post comment (likely permissions issue):', error.message);
-              console.log('📋 Commit validation failed - see job logs for details');
-            }
-
-      - name: Fail workflow if commitlint failed
-        if: steps.commitlint-last.outcome == 'failure' || steps.commitlint-pr.outcome == 'failure'
+        run: |
+          echo "� Validating commit messages from base branch to HEAD..."
+          npx commitlint --from ${{ github.event.pull_request.base.sha }} --to HEAD --verbose
+          
+      - name: Display validation summary
+        if: failure()
         run: |
           echo "## 🚨 Commit Message Validation Failed" >> $GITHUB_STEP_SUMMARY
           echo "" >> $GITHUB_STEP_SUMMARY
@@ -127,6 +48,3 @@ jobs:
           echo "### 🛠️ How to Fix" >> $GITHUB_STEP_SUMMARY
           echo "1. Use \`git rebase -i\` to rewrite commit messages" >> $GITHUB_STEP_SUMMARY
           echo "2. Follow the format: \`<type>(<scope>): <description>\`" >> $GITHUB_STEP_SUMMARY
-          echo "3. Run \`./commit-helper.sh\` for scope suggestions" >> $GITHUB_STEP_SUMMARY
-          echo "" >> $GITHUB_STEP_SUMMARY
-          exit 1