From 86b1a4e9ace610dc0e077677e7f43396de22f5a1 Mon Sep 17 00:00:00 2001
From: El RIDO <elrido@gmx.net>
Date: Sat, 13 Sep 2025 07:20:25 +0200
Subject: [PATCH] disable running snyk if triggering user doesn't have access
 to the secret

---
 .github/workflows/snyk-scan.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/snyk-scan.yml b/.github/workflows/snyk-scan.yml
index 72e58de3..93839271 100644
--- a/.github/workflows/snyk-scan.yml
+++ b/.github/workflows/snyk-scan.yml
@@ -12,7 +12,7 @@ jobs:
   # https://github.com/snyk/actions/tree/master/php
   snyk-php:
     runs-on: ubuntu-latest
-    if: ${{ github.repository == 'PrivateBin/PrivateBin' }}
+    if: ${{ github.repository == 'PrivateBin/PrivateBin' && (github.event.pull_request.author_association == 'COLLABORATOR' || github.event.pull_request.author_association == 'OWNER') }}
     steps:
       - uses: actions/checkout@v5
       - name: Install Google Cloud Storage