From fa8017264a9ed0b83c325f9bfe0fbc131d5139fc Mon Sep 17 00:00:00 2001
From: Jean-Philippe Zolesio <zolesio@adobe.com>
Date: Wed, 12 Feb 2025 12:45:05 -0800
Subject: [PATCH] Fix Commit Injection from dependency bot automerge workflow

---
 .github/workflows/auto-merge.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/auto-merge.yml b/.github/workflows/auto-merge.yml
index 04fe3375..7af07561 100644
--- a/.github/workflows/auto-merge.yml
+++ b/.github/workflows/auto-merge.yml
@@ -9,7 +9,7 @@ permissions:
 jobs:
   dependabot:
     runs-on: ubuntu-latest
-    if: ${{ github.actor == 'dependabot[bot]' }}
+    if: ${{ github.actor == 'dependabot[bot]' && github.event.pull_request.user.login == 'dependabot[bot]' && github.repository == 'adobe/css-tools'}}
     steps:
       - name: Dependabot metadata
         id: metadata