From 36a29f4c92d6675f43733ee0119e034f32f52afb Mon Sep 17 00:00:00 2001
From: Emiliano Sanchez <emiliano.sanchez@split.io>
Date: Mon, 16 Mar 2026 11:00:51 -0300
Subject: [PATCH] Restrict SonarQube scan to PRs from same repository

---
 .github/workflows/sonar-scan.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/sonar-scan.yml b/.github/workflows/sonar-scan.yml
index abb04e2b0..a81b328b1 100644
--- a/.github/workflows/sonar-scan.yml
+++ b/.github/workflows/sonar-scan.yml
@@ -49,7 +49,7 @@ jobs:
             -Dsonar.links.scm="https://github.com/splitio/${{ github.event.repository.name }}"
 
       - name: SonarQube Scan (Pull Request)
-        if: github.event_name == 'pull_request'
+        if: github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name == github.repository
         uses: SonarSource/sonarqube-scan-action@v6
         env:
           SONAR_TOKEN: ${{ secrets.SONARQUBE_TOKEN }}