From a09e59aa7cb8246f584764d33505ff861b4c240c Mon Sep 17 00:00:00 2001
From: Ismo Vuorinen <ismo@ivuorinen.net>
Date: Fri, 24 Oct 2025 18:21:44 +0300
Subject: [PATCH] fix: test-actions security scan (#307)

---
 .github/workflows/test-actions.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/test-actions.yml b/.github/workflows/test-actions.yml
index 61476fe..3fc0f79 100644
--- a/.github/workflows/test-actions.yml
+++ b/.github/workflows/test-actions.yml
@@ -235,8 +235,8 @@ jobs:
         uses: trufflesecurity/trufflehog@0f58ae7c5036094a1e3e750d18772af92821b503
         with:
           path: ./
-          base: ${{ github.event.repository.default_branch }}
-          head: HEAD
+          base: ${{ github.event_name == 'pull_request' && github.event.repository.default_branch || '' }}
+          head: ${{ github.event_name == 'pull_request' && 'HEAD' || '' }}
           extra_args: --debug --only-verified
 
       - name: Scan shell scripts