From 81ce5aad9437b4c564a4f80d3301ba32c68b5acd Mon Sep 17 00:00:00 2001
From: yyforyongyu <yong2452@gmail.com>
Date: Fri, 4 Jul 2025 06:36:22 +0300
Subject: [PATCH] .github: run PR review stats only for side branches

---
 .github/workflows/stats.yml | 15 ++++++++++++---
 1 file changed, 12 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/stats.yml b/.github/workflows/stats.yml
index b3969775a..62b79f9b0 100644
--- a/.github/workflows/stats.yml
+++ b/.github/workflows/stats.yml
@@ -4,12 +4,21 @@ on:
   pull_request:
     types: [opened]
 
+permissions:
+  # Required to post stats as comments.
+  actions: write
+  # Default permission for checking out code.
+  contents: read
+
 jobs:
   stats:
     runs-on: ubuntu-latest
-    permissions:
-      contents: read
-      pull-requests: write
+
+    # Check if the PR is from the base repo (not a fork). Only the
+    # collaborators have the permission to create a side branch from the base
+    # repo, so this implicitly restricts who can run this job.
+    if: github.event.pull_request.head.repo.fork == false
+
     steps:
       - name: Run pull request stats
         uses: flowwer-dev/pull-request-stats@v2.11.0