diff --git a/.github/workflows/fossa.yml b/.github/workflows/fossa.yml index 9e97442dea..e1fc57a0ba 100644 --- a/.github/workflows/fossa.yml +++ b/.github/workflows/fossa.yml @@ -26,6 +26,7 @@ on: workflow_dispatch: {} jobs: fossa-scan: + if: github.repository_owner == 'dapr' # FOSSA is not intended to run on forks. runs-on: ubuntu-latest env: FOSSA_API_KEY: b88e1f4287c3108c8751bf106fb46db6 # This is a push-only token that is safe to be exposed. @@ -42,4 +43,4 @@ jobs: uses: fossas/fossa-action@main # Use a specific version if locking is preferred with: api-key: ${{ env.FOSSA_API_KEY }} - run-tests: true \ No newline at end of file + run-tests: true