From 86b1a4e9ace610dc0e077677e7f43396de22f5a1 Mon Sep 17 00:00:00 2001
From: El RIDO <elrido@gmx.net>
Date: Sat, 13 Sep 2025 07:20:25 +0200
Subject: [PATCH 1/3] disable running snyk if triggering user doesn't have
 access to the secret

---
 .github/workflows/snyk-scan.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/snyk-scan.yml b/.github/workflows/snyk-scan.yml
index 72e58de3..93839271 100644
--- a/.github/workflows/snyk-scan.yml
+++ b/.github/workflows/snyk-scan.yml
@@ -12,7 +12,7 @@ jobs:
   # https://github.com/snyk/actions/tree/master/php
   snyk-php:
     runs-on: ubuntu-latest
-    if: ${{ github.repository == 'PrivateBin/PrivateBin' }}
+    if: ${{ github.repository == 'PrivateBin/PrivateBin' && (github.event.pull_request.author_association == 'COLLABORATOR' || github.event.pull_request.author_association == 'OWNER') }}
     steps:
       - uses: actions/checkout@v5
       - name: Install Google Cloud Storage

From 5cca4be89a98aa19fe2fbf8be7400e3bcb4d48d0 Mon Sep 17 00:00:00 2001
From: El RIDO <elrido@gmx.net>
Date: Sat, 13 Sep 2025 07:21:10 +0200
Subject: [PATCH 2/3] enable running tests on pull requests

---
 .github/workflows/tests.yml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
index 01cfdbb4..a33660b2 100644
--- a/.github/workflows/tests.yml
+++ b/.github/workflows/tests.yml
@@ -1,6 +1,8 @@
 name: Tests
 on:
   push:
+  pull_request:
+    branches: [ master ]
   workflow_dispatch:
 
 jobs:

From e775647206c1333a7eaf5d5f0398e9c456892080 Mon Sep 17 00:00:00 2001
From: El RIDO <elrido@gmx.net>
Date: Sat, 13 Sep 2025 07:56:54 +0200
Subject: [PATCH 3/3] attempting to make the condition list more readable

---
 .github/workflows/snyk-scan.yml | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/snyk-scan.yml b/.github/workflows/snyk-scan.yml
index 93839271..851211f2 100644
--- a/.github/workflows/snyk-scan.yml
+++ b/.github/workflows/snyk-scan.yml
@@ -12,7 +12,12 @@ jobs:
   # https://github.com/snyk/actions/tree/master/php
   snyk-php:
     runs-on: ubuntu-latest
-    if: ${{ github.repository == 'PrivateBin/PrivateBin' && (github.event.pull_request.author_association == 'COLLABORATOR' || github.event.pull_request.author_association == 'OWNER') }}
+    if: |
+      github.repository == 'PrivateBin/PrivateBin' && (
+      github.event.pull_request.author_association == 'COLLABORATOR' ||
+      github.event.pull_request.author_association == 'CONTRIBUTOR' ||
+      github.event.pull_request.author_association == 'MEMBER' ||
+      github.event.pull_request.author_association == 'OWNER' )
     steps:
       - uses: actions/checkout@v5
       - name: Install Google Cloud Storage