From 3f925105cb213c1d923ef1b660057f568975ed2f Mon Sep 17 00:00:00 2001 From: Lea Anthony Date: Sun, 13 Jul 2025 12:05:37 +1000 Subject: [PATCH] Fix: prevent pushing to v3-alpha main branch, only push to PR feature branches MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude --- .github/workflows/changelog-v3.yml | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) diff --git a/.github/workflows/changelog-v3.yml b/.github/workflows/changelog-v3.yml index 1bed8de8b..4af47c08f 100644 --- a/.github/workflows/changelog-v3.yml +++ b/.github/workflows/changelog-v3.yml @@ -18,6 +18,7 @@ jobs: permissions: contents: write pull-requests: write + actions: write steps: - name: Checkout PR code @@ -25,7 +26,7 @@ jobs: with: ref: ${{ github.event.pull_request.head.sha || format('refs/pull/{0}/head', github.event.inputs.pr_number) }} fetch-depth: 0 - token: ${{ secrets.GITHUB_TOKEN }} + token: ${{ secrets.GITHUB_TOKEN || github.token }} - name: Get REAL validation script from v3-alpha run: | @@ -111,8 +112,19 @@ jobs: BRANCH_NAME="${{ github.event.pull_request.head.ref }}" else # For manual workflow dispatch, get PR info - PR_INFO=$(gh pr view ${{ steps.pr_info.outputs.pr_number }} --json headRefName) + PR_INFO=$(gh pr view ${{ steps.pr_info.outputs.pr_number }} --json headRefName,headRepository) BRANCH_NAME=$(echo "$PR_INFO" | jq -r '.headRefName') + HEAD_REPO=$(echo "$PR_INFO" | jq -r '.headRepository.name') + + echo "🔍 PR source branch: $BRANCH_NAME" + echo "🔍 Head repository: $HEAD_REPO" + + # Don't push if this is from a fork or if branch is v3-alpha (main branch) + if [ "$HEAD_REPO" != "wails" ] || [ "$BRANCH_NAME" = "v3-alpha" ]; then + echo "⚠️ Cannot push - either fork or direct v3-alpha branch. Manual fix required." + echo "committed=false" >> $GITHUB_OUTPUT + exit 0 + fi fi echo "Pushing to branch: $BRANCH_NAME in repo: $REPO_OWNER"