
fix(ci): use pull_request_target for fork runner compatibility #64

Merged

terisuke merged 1 commit into dev from fix/ci-use-pull-request-target on Apr 5, 2026

Conversation


@terisuke terisuke commented Apr 5, 2026

Summary

  • Change test.yml and typecheck.yml from pull_request to pull_request_target
  • Explicitly checkout PR head SHA to test correct code
  • Fixes GitHub-hosted runner allocation issue on forked repos

Closes #62

GitHub-hosted runners are not allocated for pull_request events on
forked repos. Switch to pull_request_target which runs in the base
repo context. Explicitly checkout PR head SHA to test the correct code.

Closes #62

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Copilot AI review requested due to automatic review settings April 5, 2026 08:05

github-actions bot commented Apr 5, 2026

This PR doesn't fully meet our contributing guidelines and PR template.

What needs to be fixed:

  • PR description is missing required template sections. Please use the PR template.

Please edit this PR description to address the above within 2 hours, or it will be automatically closed.

If you believe this was flagged incorrectly, please let a maintainer know.

@terisuke terisuke merged commit b00d3d2 into dev Apr 5, 2026
5 of 6 checks passed

Copilot AI left a comment


Pull request overview

This PR updates CI workflows to run on pull_request_target so that forked PRs can use the base repository’s runners, and it checks out the PR head SHA to ensure tests/typechecks run against the proposed changes.

Changes:

  • Switch typecheck.yml and test.yml triggers from pull_request to pull_request_target.
  • Update actions/checkout to explicitly check out ${{ github.event.pull_request.head.sha || github.sha }}.

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 2 comments.

File                               Description
.github/workflows/typecheck.yml    Runs typecheck on pull_request_target and checks out PR head SHA.
.github/workflows/test.yml         Runs unit/e2e tests on pull_request_target and checks out PR head SHA in both jobs.
Comments suppressed due to low confidence (3)

.github/workflows/typecheck.yml:21

  • With pull_request_target + ref: ${{ github.event.pull_request.head.sha }}, you are executing code from the PR head commit on a base-repo runner. Because actions/checkout persists credentials by default and you invoke a local action (./.github/actions/setup-bun) from the checked-out tree, a malicious fork PR could alter that action or read the persisted token from git config. Mitigations: set persist-credentials: false on checkout, avoid passing a token unless needed, and run local actions from a trusted checkout (e.g., checkout base repo to a separate path: and reference the action from there while checking out PR code into the workspace).
      - name: Checkout repository
        uses: actions/checkout@v4
        with:
          ref: ${{ github.event.pull_request.head.sha || github.sha }}

      - name: Setup Bun
        uses: ./.github/actions/setup-bun

.github/workflows/test.yml:33

  • This actions/checkout is checking out PR head code under pull_request_target and explicitly passing secrets.GITHUB_TOKEN. Since checkout persists credentials by default, PR code executed later can read the token from the git config and use it with whatever permissions are granted (here at least checks: write). Please set persist-credentials: false and avoid passing the token unless strictly required; additionally, consider using a trusted checkout for local actions so .github/actions/setup-bun can’t be replaced by a fork PR.
      - name: Checkout repository
        uses: actions/checkout@v4
        with:
          ref: ${{ github.event.pull_request.head.sha || github.sha }}
          token: ${{ secrets.GITHUB_TOKEN }}

      - name: Setup Bun
        uses: ./.github/actions/setup-bun

.github/workflows/test.yml:85

  • Same risk as the unit job: pull_request_target + checkout of PR head + local action execution allows a malicious PR to tamper with ./.github/actions/setup-bun and/or exfiltrate persisted checkout credentials. Apply the same mitigations here (persist-credentials: false, minimize token usage, and use a trusted checkout path for local actions).
      - name: Checkout repository
        uses: actions/checkout@v4
        with:
          ref: ${{ github.event.pull_request.head.sha || github.sha }}
          token: ${{ secrets.GITHUB_TOKEN }}

      - name: Setup Bun
        uses: ./.github/actions/setup-bun



pull_request_target:
  branches: [dev]
workflow_dispatch:

Copilot AI Apr 5, 2026


Switching to pull_request_target means the workflow runs with the base repo context. Without an explicit permissions: block here, GITHUB_TOKEN can get broader default scopes than intended, which is dangerous when you later check out and execute PR code. Please add an explicit minimal permissions: (e.g., contents: read only) at the workflow/job level and consider gating execution for untrusted/fork PRs (or reverting to pull_request if you need to run arbitrary PR code safely).

Suggested change
permissions:
  contents: read

Comment on lines 3 to 8
on:
  push:
    branches:
      - dev
  pull_request:
  pull_request_target:
  workflow_dispatch:
Copilot AI Apr 5, 2026


Changing this workflow to pull_request_target while still running the PR’s code introduces a security boundary change: jobs now execute in the base repo context (including a usable GITHUB_TOKEN). If the goal is fork compatibility, please also add explicit safeguards (minimal permissions, persist-credentials: false, and/or restricting execution to trusted authors) because pull_request_target is not safe for running untrusted fork code by default.

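A hardened version of the pattern the review comments above ask for, written here as an added example and not the project's own workflow. It keeps the pull_request_target trigger and the `${{ github.event.pull_request.head.sha || github.sha }}` ref from the PR description, loads ./.github/actions/setup-bun from a trusted checkout of the base branch rather than from the PR tree, checks the PR head out into a separate directory with persist-credentials: false, limits GITHUB_TOKEN to contents: read, and adds a guard step that fails the job if actions/checkout left an Authorization header in either .git/config. The workflow and job names, the pr/ directory, the `bun test` command, and the assumption that setup-bun does not need to run from inside the PR tree are mine; write scopes such as the checks: write the review mentions are deliberately absent.

```yaml
name: test

on:
  pull_request_target:
    branches: [dev]
  workflow_dispatch:

# Workflow-wide default: GITHUB_TOKEN may only read repository contents.
# Every job inherits this unless it narrows the scope further.
permissions:
  contents: read

jobs:
  unit:
    runs-on: ubuntu-latest
    steps:
      # 1. Trusted checkout. Under pull_request_target the default ref is the
      #    base branch of the base repository, so this tree is what maintainers
      #    merged, not the fork's. Local actions are resolved from this root.
      - name: Checkout base branch (trusted)
        uses: actions/checkout@v4
        with:
          persist-credentials: false

      # 2. Untrusted checkout. The PR head commit goes into pr/, never into the
      #    tree that local actions load from. No token input is passed, and
      #    persist-credentials: false keeps the default token out of pr/.git/config.
      - name: Checkout PR head (untrusted)
        uses: actions/checkout@v4
        with:
          ref: ${{ github.event.pull_request.head.sha || github.sha }}
          path: pr
          persist-credentials: false

      # 3. Guard. When credentials are persisted, actions/checkout stores the
      #    token as the http.https://github.com/.extraheader value in the local
      #    git config. Fail the job if that key exists in either checkout.
      - name: Assert no persisted credentials
        run: |
          for d in . pr; do
            if git -C "$d" config --local --get-all http.https://github.com/.extraheader >/dev/null; then
              echo "::error::authorization header persisted in $d/.git/config"
              exit 1
            fi
          done

      # 4. Composite action from the trusted root checkout. A fork PR that edits
      #    .github/actions/setup-bun only changes pr/, which is never loaded here.
      - name: Setup Bun
        uses: ./.github/actions/setup-bun

      # 5. Run the PR's own code from its own directory (assumed test command).
      - name: Test
        working-directory: pr
        run: bun test
```

Because pull_request_target always takes the workflow file from the base branch, a fork cannot edit this file to re-enable credential persistence or widen permissions; the remaining exposure is that the PR's own code, including any package-manager lifecycle scripts, still executes on a base-repository runner. Reference no other secrets in this workflow, and if a step genuinely needs write access, for example to publish check annotations, move it into a separate workflow triggered by workflow_run that consumes the test output as an artifact instead of executing PR code.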

Development

Successfully merging this pull request may close these issues.

infra: configure GitHub Actions runners for fork CI

2 participants