Feature request: Trigger on internal PRs but not fork PRs

Hi, thanks for considering this request!

The Actions documentation helpfully recommends that I not use a self-hosted runner with public repositories because of security concerns. I totally get the reasoning behind that.

I have a public repo where I would like to set up a CI job on a self-hosted runner so that it can have access to some special hardware for testing. My ideal workflow to preserve security would be that builds trigger automatically on pull requests that are opened internal to the repository, but the build must always be triggered manually if a PR is opened from a fork. This way when a fork opens a PR, I can inspect to make sure no malicious changes have been made to the workflows before running the CI.

I don’t think Actions currently has a feature to do this, would you consider adding this feature?

Hey, per the main forum page on the right side, all feature request should go directly to GitHub support here: https://support.github.com


Hi @samkearney ,

Glad to see you in Github Community Forum!

The doc you mentioned has pointed out the potential danger that using self hosted runner with public repository. If you strongly would like the feature, according to the policy here, please share your idea in below link which github manager will take a review: