Block fork pull request workflow jobs

.github/workflows/add_to_octokit_project.yml

@@ -8,13 +8,14 @@
 
 jobs:
   add-to-project:
+    if: ${{ github.event.pull_request == null || github.event.pull_request.head.repo.full_name == github.repository }}
     name: Add issue to project
     runs-on: ubuntu-latest
     continue-on-error: true
     steps:
       - uses: actions/add-to-project@v1.0.0
         with:
           project-url: https://github.com/orgs/octokit/projects/10
           github-token: ${{ secrets.OCTOKITBOT_PROJECT_ACTION_TOKEN }}
           labeled: "Status: Stale"
           label-operator: NOT

.github/workflows/codeql.yml

@@ -10,40 +10,41 @@
 
 jobs:
   CodeQL-Build:
+    if: ${{ github.event.pull_request == null || github.event.pull_request.head.repo.full_name == github.repository }}
 
     # CodeQL runs on ubuntu-latest and windows-latest
     runs-on: ubuntu-latest
 
     steps:
     - name: Checkout repository
       uses: actions/checkout@v4
       with:
         # We must fetch at least the immediate parents so that if this is
         # a pull request then we can checkout the head.
         fetch-depth: 2
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL
       uses: github/codeql-action/init@v3
       # Override language selection by uncommenting this and choosing your languages
       # with:
       #   languages: go, javascript, csharp, python, cpp, java
 
     # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
     # If this step fails, then you should remove it and run the build manually (see below)
     - name: Autobuild
       uses: github/codeql-action/autobuild@v3
 
     # ℹ️ Command-line programs to run using the OS shell.
     # 📚 https://git.io/JvXDl
 
     # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
     #    and modify them (or add more) to build your code if your project
     #    uses a compiled language
 
     #- run: |
     #   make bootstrap
     #   make release
 
     - name: Perform CodeQL Analysis
       uses: github/codeql-action/analyze@v3

.github/workflows/immediate-response.yml

@@ -11,7 +11,7 @@ on:
       - opened
 jobs:
   respond-to-issue:
-    if: ${{ github.actor != 'dependabot[bot]' && github.actor != 'renovate[bot]' && github.actor != 'githubactions[bot]' && github.actor != 'octokitbot' }}
+    if: ${{ (github.event.pull_request == null || github.event.pull_request.head.repo.full_name == github.repository) && (github.actor != 'dependabot[bot]' && github.actor != 'renovate[bot]' && github.actor != 'github-actions[bot]' && github.actor != 'octokitbot') }}
     runs-on: ubuntu-latest
     steps:
       - name: Determine issue or PR number

.github/workflows/test.yml

@@ -9,22 +9,23 @@
       - synchronize
 jobs:
   test_matrix:
+    if: ${{ github.event.pull_request == null || github.event.pull_request.head.repo.full_name == github.repository }}
     runs-on: ubuntu-latest
     strategy:
       matrix:
         node_version:
           - 18
           - 20
     steps:
       - uses: actions/checkout@v4
       - name: Setup Node v${{ matrix.node_version }}
         uses: actions/setup-node@v4
         with:
           node-version: ${{ matrix.node_version }}
           cache: npm
       - run: npm ci
       - run: npm test --ignore-scripts
   test:
     runs-on: ubuntu-latest
     needs: test_matrix
     steps:
@@ -37,4 +38,4 @@
           cache: npm
       - run: npm ci
       - run: npm run lint
-    if: ${{ always() }}
+    if: ${{ (github.event.pull_request == null || github.event.pull_request.head.repo.full_name == github.repository) && (always()) }}