From d964c1163b9d26acf486b619b49bbba562807992 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Sat, 21 Feb 2026 04:43:25 +0000
Subject: [PATCH 1/2] Initial plan

From 923eba0a9b60026f05fdc42b5833068584f81975 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Sat, 21 Feb 2026 04:44:39 +0000
Subject: [PATCH 2/2] Remove trigger-pr-review-fork.yml from dogfood repo

Co-authored-by: strawgate <6384545+strawgate@users.noreply.github.com>
---
 .github/workflows/trigger-pr-review-fork.yml | 39 --------------------
 1 file changed, 39 deletions(-)
 delete mode 100644 .github/workflows/trigger-pr-review-fork.yml

diff --git a/.github/workflows/trigger-pr-review-fork.yml b/.github/workflows/trigger-pr-review-fork.yml
deleted file mode 100644
index df366198..00000000
--- a/.github/workflows/trigger-pr-review-fork.yml
+++ /dev/null
@@ -1,39 +0,0 @@
-# ⚠️ SECURITY WARNING — READ BEFORE USING
-#
-# This workflow uses the `pull_request_target` trigger so that it runs in the
-# context of the *base* repository and has access to repository secrets.
-# That makes it work for pull requests from forks, which do NOT have access
-# to secrets when triggered by the standard `pull_request` event.
-#
-# RISKS ON PUBLIC REPOSITORIES
-# • `pull_request_target` grants access to secrets even for untrusted forks.
-# • If you add `setup-commands` that execute code from the pull request, a
-# malicious fork could exfiltrate your secrets.
-# • The agent itself does NOT check out PR code — it reads the diff via the
-# GitHub API — so it is safe in the default configuration. Any change to
-# `setup-commands` that runs fork code breaks that guarantee.
-#
-# RECOMMENDATION
-# • Only use this trigger on PRIVATE repositories, or on public repositories
-# where every contributor is explicitly trusted.
-# • Never pass `setup-commands` that check out or execute code from the PR.
-# • Prefer the standard `pull_request` trigger (pr-review/example.yml) for
-# public repositories.
-name: Trigger PR Review (Fork)
-on:
- pull_request_target:
- types: [opened, synchronize, reopened, ready_for_review, labeled, unlabeled]
-
-permissions:
- contents: read
- issues: read
- pull-requests: write
-
-jobs:
- run:
- if: >-
- github.event.pull_request.draft == false &&
- !contains(github.event.pull_request.labels.*.name, 'skip-auto-pr-review')
- uses: ./.github/workflows/gh-aw-pr-review.lock.yml
- secrets:
- COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }}