Change trigger from pull_request_target to pull_request

The security implications of using pull_request_target seem daunting so lets focus on maintainers' use case first and later consider forks later

Author: banginji

.github/workflows/poetry-checks.yml

@@ -1,11 +1,11 @@
 name: poetry checks
 
 on:
-  pull_request_target:
+  pull_request:
     branches: [ "main" ]
 
 concurrency:
-  group: ${{ github.workflow }}-${{ github.event.pull_request_target.number || github.ref }}
+  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
   cancel-in-progress: true
 
 permissions: {}