From 2f3c762e8544aafc20cfd2affb2f480521faaa41 Mon Sep 17 00:00:00 2001
From: Benjamin Lu <benceruleanlu@proton.me>
Date: Mon, 14 Jul 2025 14:08:44 -0400
Subject: [PATCH] [fix] Fix Danger CI permissions for PRs from forks (#4449)

It's good to have working and in ASAP, although better approaches are being researched and investigated
---
 .github/workflows/danger.yaml | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/danger.yaml b/.github/workflows/danger.yaml
index 68520a8cb..8f66cfebd 100644
--- a/.github/workflows/danger.yaml
+++ b/.github/workflows/danger.yaml
@@ -1,8 +1,14 @@
 name: Danger PR Review
 on:
-  pull_request:
+  pull_request_target:
     types: [opened, edited, synchronize]
 
+permissions:
+  contents: read
+  issues: write # What Danger needs to comment on PRs
+  pull-requests: write
+  statuses: write
+
 jobs:
   danger:
     runs-on: ubuntu-latest
@@ -10,6 +16,7 @@ jobs:
       - name: Checkout code
         uses: actions/checkout@v4
         with:
+          ref: ${{ github.event.pull_request.head.sha }}
           fetch-depth: 0
 
       - name: Setup Node.js