From d01a71c837a9a556c50e6ae76651c3fd794fd82b Mon Sep 17 00:00:00 2001
From: Max Katz <maxpkatz@gmail.com>
Date: Sun, 15 Oct 2023 18:37:53 -0400
Subject: [PATCH 01/19] Add CI test that fails if a PR is issued to main

---
 .github/workflows/check_pr_branch.yml | 13 +++++++++++++
 1 file changed, 13 insertions(+)
 create mode 100644 .github/workflows/check_pr_branch.yml

diff --git a/.github/workflows/check_pr_branch.yml b/.github/workflows/check_pr_branch.yml
new file mode 100644
index 0000000000..5d12a9303d
--- /dev/null
+++ b/.github/workflows/check_pr_branch.yml
@@ -0,0 +1,13 @@
+name: check PR branch
+
+on:
+  pull_request:
+    branches:
+      - main
+
+jobs:
+  check-PR-branch:
+    runs-on: ubuntu-latest
+    steps:
+      - name: PRs should not target main
+        run: exit 1

From 06c4d905d87cec4aa21971e9a737920e923bd0c5 Mon Sep 17 00:00:00 2001
From: Max Katz <maxpkatz@gmail.com>
Date: Sun, 15 Oct 2023 18:47:20 -0400
Subject: [PATCH 02/19] Try again

---
 .github/workflows/check_pr_branch.yml | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/.github/workflows/check_pr_branch.yml b/.github/workflows/check_pr_branch.yml
index 5d12a9303d..19e67f46e3 100644
--- a/.github/workflows/check_pr_branch.yml
+++ b/.github/workflows/check_pr_branch.yml
@@ -1,13 +1,13 @@
 name: check PR branch
 
-on:
-  pull_request:
-    branches:
-      - main
-
+on: [pull_request]
 jobs:
   check-PR-branch:
     runs-on: ubuntu-latest
     steps:
       - name: PRs should not target main
-        run: exit 1
+      run: |
+        if [[ "${{ github.base_ref }}" == "main" ]]; then
+          echo "Pull requests must not be made against main. Please target development instead."
+          exit 1
+        fi

From a66cd064f90f1d4c2d09aa540bec7a71f9ca804e Mon Sep 17 00:00:00 2001
From: Max Katz <maxpkatz@gmail.com>
Date: Sun, 15 Oct 2023 18:49:25 -0400
Subject: [PATCH 03/19] Indentation

---
 .github/workflows/check_pr_branch.yml | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/.github/workflows/check_pr_branch.yml b/.github/workflows/check_pr_branch.yml
index 19e67f46e3..7eed5684df 100644
--- a/.github/workflows/check_pr_branch.yml
+++ b/.github/workflows/check_pr_branch.yml
@@ -6,8 +6,8 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: PRs should not target main
-      run: |
-        if [[ "${{ github.base_ref }}" == "main" ]]; then
-          echo "Pull requests must not be made against main. Please target development instead."
-          exit 1
-        fi
+        run: |
+          if [[ "${{ github.base_ref }}" == "main" ]]; then
+            echo "Pull requests must not be made against main. Please target development instead."
+            exit 1
+          fi

From 62d3f6494af8c9048cbec551a590a81aad07c27f Mon Sep 17 00:00:00 2001
From: Max Katz <maxpkatz@gmail.com>
Date: Sun, 15 Oct 2023 18:57:53 -0400
Subject: [PATCH 04/19] Try again

---
 .github/workflows/check_pr_branch.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/check_pr_branch.yml b/.github/workflows/check_pr_branch.yml
index 7eed5684df..94584318a0 100644
--- a/.github/workflows/check_pr_branch.yml
+++ b/.github/workflows/check_pr_branch.yml
@@ -7,7 +7,7 @@ jobs:
     steps:
       - name: PRs should not target main
         run: |
-          if [[ "${{ github.base_ref }}" == "main" ]]; then
+          if [[ "${{ github.event.pull_request.base.ref }}" == "main" ]]; then
             echo "Pull requests must not be made against main. Please target development instead."
             exit 1
           fi

From 64b7ac4799a4bb8c486d9d2999b03b19d8e60a77 Mon Sep 17 00:00:00 2001
From: Max Katz <maxpkatz@gmail.com>
Date: Sun, 15 Oct 2023 19:18:07 -0400
Subject: [PATCH 05/19] Try again

---
 .github/workflows/check_pr_branch.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/check_pr_branch.yml b/.github/workflows/check_pr_branch.yml
index 94584318a0..a4676479a3 100644
--- a/.github/workflows/check_pr_branch.yml
+++ b/.github/workflows/check_pr_branch.yml
@@ -7,7 +7,7 @@ jobs:
     steps:
       - name: PRs should not target main
         run: |
-          if [[ "${{ github.event.pull_request.base.ref }}" == "main" ]]; then
+          if [[ "${{ github.event.pull_request_target.ref }}" == "main" ]]; then
             echo "Pull requests must not be made against main. Please target development instead."
             exit 1
           fi

From 656a1f134d8aa34abe112d9d3593d165a610ce89 Mon Sep 17 00:00:00 2001
From: Max Katz <maxpkatz@gmail.com>
Date: Sun, 15 Oct 2023 19:19:09 -0400
Subject: [PATCH 06/19] Try again

---
 .github/workflows/check_pr_branch.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/check_pr_branch.yml b/.github/workflows/check_pr_branch.yml
index a4676479a3..0ec56975e8 100644
--- a/.github/workflows/check_pr_branch.yml
+++ b/.github/workflows/check_pr_branch.yml
@@ -7,7 +7,7 @@ jobs:
     steps:
       - name: PRs should not target main
         run: |
-          if [[ "${{ github.event.pull_request_target.ref }}" == "main" ]]; then
+          if [[ "${{ github.event.pull_request_target }}" == "main" ]]; then
             echo "Pull requests must not be made against main. Please target development instead."
             exit 1
           fi

From 816be47d80213148398fa66ff3930a00620d1b60 Mon Sep 17 00:00:00 2001
From: Max Katz <maxpkatz@gmail.com>
Date: Sun, 15 Oct 2023 19:21:48 -0400
Subject: [PATCH 07/19] Try again

---
 .github/workflows/check_pr_branch.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/check_pr_branch.yml b/.github/workflows/check_pr_branch.yml
index 0ec56975e8..25bd3fad50 100644
--- a/.github/workflows/check_pr_branch.yml
+++ b/.github/workflows/check_pr_branch.yml
@@ -7,7 +7,7 @@ jobs:
     steps:
       - name: PRs should not target main
         run: |
-          if [[ "${{ github.event.pull_request_target }}" == "main" ]]; then
+          if [[ "${{ github.event.pull_request_target.head.ref }}" == "main" ]]; then
             echo "Pull requests must not be made against main. Please target development instead."
             exit 1
           fi

From cd811fce30bc9ea3c790595d46eb1878b3c44622 Mon Sep 17 00:00:00 2001
From: Max Katz <maxpkatz@gmail.com>
Date: Sun, 15 Oct 2023 19:38:39 -0400
Subject: [PATCH 08/19] Try again

---
 .github/workflows/check_pr_branch.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/check_pr_branch.yml b/.github/workflows/check_pr_branch.yml
index 25bd3fad50..ed294eb367 100644
--- a/.github/workflows/check_pr_branch.yml
+++ b/.github/workflows/check_pr_branch.yml
@@ -7,7 +7,7 @@ jobs:
     steps:
       - name: PRs should not target main
         run: |
-          if [[ "${{ github.event.pull_request_target.head.ref }}" == "main" ]]; then
+          if [[ "${{ github.event.pull_request_target.head.sha }}" == "${{ git rev-parse main }}" ]]; then
             echo "Pull requests must not be made against main. Please target development instead."
             exit 1
           fi

From bf2642659ecff67b6233520418ff33494fbd5f95 Mon Sep 17 00:00:00 2001
From: Max Katz <maxpkatz@gmail.com>
Date: Sun, 15 Oct 2023 19:41:34 -0400
Subject: [PATCH 09/19] Try again

---
 .github/workflows/check_pr_branch.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/check_pr_branch.yml b/.github/workflows/check_pr_branch.yml
index ed294eb367..caec9f136d 100644
--- a/.github/workflows/check_pr_branch.yml
+++ b/.github/workflows/check_pr_branch.yml
@@ -7,7 +7,7 @@ jobs:
     steps:
       - name: PRs should not target main
         run: |
-          if [[ "${{ github.event.pull_request_target.head.sha }}" == "${{ git rev-parse main }}" ]]; then
+          if [[ "${{ github.event.pull_request_target.head.sha }}" == "$(git rev-parse main)" ]]; then
             echo "Pull requests must not be made against main. Please target development instead."
             exit 1
           fi

From 58b768dfd1217cf62f2bd8b7107540636af9b019 Mon Sep 17 00:00:00 2001
From: Max Katz <maxpkatz@gmail.com>
Date: Sun, 15 Oct 2023 19:47:52 -0400
Subject: [PATCH 10/19] Try again

---
 .github/workflows/check_pr_branch.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/check_pr_branch.yml b/.github/workflows/check_pr_branch.yml
index caec9f136d..7eed5684df 100644
--- a/.github/workflows/check_pr_branch.yml
+++ b/.github/workflows/check_pr_branch.yml
@@ -7,7 +7,7 @@ jobs:
     steps:
       - name: PRs should not target main
         run: |
-          if [[ "${{ github.event.pull_request_target.head.sha }}" == "$(git rev-parse main)" ]]; then
+          if [[ "${{ github.base_ref }}" == "main" ]]; then
             echo "Pull requests must not be made against main. Please target development instead."
             exit 1
           fi

From eb193587b521c0f365d49167e1325eb718791dcc Mon Sep 17 00:00:00 2001
From: Max Katz <maxpkatz@gmail.com>
Date: Sun, 15 Oct 2023 20:13:39 -0400
Subject: [PATCH 11/19] Try again

---
 .github/workflows/check_pr_branch.yml     | 17 +++++++++++------
 .github/workflows/get_pr_target_branch.sh | 16 ++++++++++++++++
 2 files changed, 27 insertions(+), 6 deletions(-)
 create mode 100644 .github/workflows/get_pr_target_branch.sh

diff --git a/.github/workflows/check_pr_branch.yml b/.github/workflows/check_pr_branch.yml
index 7eed5684df..2421422f57 100644
--- a/.github/workflows/check_pr_branch.yml
+++ b/.github/workflows/check_pr_branch.yml
@@ -5,9 +5,14 @@ jobs:
   check-PR-branch:
     runs-on: ubuntu-latest
     steps:
-      - name: PRs should not target main
-        run: |
-          if [[ "${{ github.base_ref }}" == "main" ]]; then
-            echo "Pull requests must not be made against main. Please target development instead."
-            exit 1
-          fi
+      - uses: actions/checkout@v3
+        with:
+          fetch-depth 0
+
+      - name: Get PR target branch
+        id: get-target-branch
+        run: bash .github/workflows/get_pr_target_branch.sh
+
+      - name: No PRs should target the main branch; use development instead
+        if: ${{ steps.get-target-branch.outputs.target_branch == 'main' }}
+        run: exit 1
diff --git a/.github/workflows/get_pr_target_branch.sh b/.github/workflows/get_pr_target_branch.sh
new file mode 100644
index 0000000000..b0a14ef502
--- /dev/null
+++ b/.github/workflows/get_pr_target_branch.sh
@@ -0,0 +1,16 @@
+#!/bin/bash
+
+# Get the PR number from the GitHub context
+PR_NUMBER=${{ github.event.pull_request.number }}
+
+# Call the GitHub API to get the PR details
+PR_DETAILS=$(curl \
+                   -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" \
+                     -H "Accept: application/vnd.github.v3+json" \
+                       "https://api.github.com/repos/${{ github.repository }}/pulls/$PR_NUMBER")
+
+# Extract the base ref (target branch) from the PR details
+TARGET_BRANCH=$(echo "$PR_DETAILS" | jq -r '.base.ref')
+
+# Output the target branch
+echo "::set-output name=target_branch::$TARGET_BRANCH"

From b8a43bc8b9cd1dbfb26baa2276fe2613ae2eba18 Mon Sep 17 00:00:00 2001
From: Max Katz <maxpkatz@gmail.com>
Date: Sun, 15 Oct 2023 20:15:24 -0400
Subject: [PATCH 12/19] Fix

---
 .github/workflows/check_pr_branch.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/check_pr_branch.yml b/.github/workflows/check_pr_branch.yml
index 2421422f57..11779ffa5f 100644
--- a/.github/workflows/check_pr_branch.yml
+++ b/.github/workflows/check_pr_branch.yml
@@ -7,7 +7,7 @@ jobs:
     steps:
       - uses: actions/checkout@v3
         with:
-          fetch-depth 0
+          fetch-depth: 0
 
       - name: Get PR target branch
         id: get-target-branch

From 94b986c1856538bbce6faebf277948b88e822897 Mon Sep 17 00:00:00 2001
From: Max Katz <maxpkatz@gmail.com>
Date: Sun, 15 Oct 2023 20:23:11 -0400
Subject: [PATCH 13/19] Just echo vars for now

---
 .github/workflows/check_pr_branch.yml     | 11 ++++-------
 .github/workflows/get_pr_target_branch.sh | 16 ----------------
 2 files changed, 4 insertions(+), 23 deletions(-)
 delete mode 100644 .github/workflows/get_pr_target_branch.sh

diff --git a/.github/workflows/check_pr_branch.yml b/.github/workflows/check_pr_branch.yml
index 11779ffa5f..1fba3af7d7 100644
--- a/.github/workflows/check_pr_branch.yml
+++ b/.github/workflows/check_pr_branch.yml
@@ -9,10 +9,7 @@ jobs:
         with:
           fetch-depth: 0
 
-      - name: Get PR target branch
-        id: get-target-branch
-        run: bash .github/workflows/get_pr_target_branch.sh
-
-      - name: No PRs should target the main branch; use development instead
-        if: ${{ steps.get-target-branch.outputs.target_branch == 'main' }}
-        run: exit 1
+      - name: Dump GitHub context
+        env:
+          GITHUB_CONTEXT: ${{ toJson(github) }}
+        run: echo "$GITHUB_CONTEXT"
diff --git a/.github/workflows/get_pr_target_branch.sh b/.github/workflows/get_pr_target_branch.sh
deleted file mode 100644
index b0a14ef502..0000000000
--- a/.github/workflows/get_pr_target_branch.sh
+++ /dev/null
@@ -1,16 +0,0 @@
-#!/bin/bash
-
-# Get the PR number from the GitHub context
-PR_NUMBER=${{ github.event.pull_request.number }}
-
-# Call the GitHub API to get the PR details
-PR_DETAILS=$(curl \
-                   -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" \
-                     -H "Accept: application/vnd.github.v3+json" \
-                       "https://api.github.com/repos/${{ github.repository }}/pulls/$PR_NUMBER")
-
-# Extract the base ref (target branch) from the PR details
-TARGET_BRANCH=$(echo "$PR_DETAILS" | jq -r '.base.ref')
-
-# Output the target branch
-echo "::set-output name=target_branch::$TARGET_BRANCH"

From 477ab2c545655d2d6ab966a1a18bd26480240f23 Mon Sep 17 00:00:00 2001
From: Max Katz <maxpkatz@gmail.com>
Date: Sun, 15 Oct 2023 20:34:04 -0400
Subject: [PATCH 14/19] Revert to original approach

---
 .github/workflows/check_pr_branch.yml | 16 +++++++---------
 1 file changed, 7 insertions(+), 9 deletions(-)

diff --git a/.github/workflows/check_pr_branch.yml b/.github/workflows/check_pr_branch.yml
index 1fba3af7d7..5d12a9303d 100644
--- a/.github/workflows/check_pr_branch.yml
+++ b/.github/workflows/check_pr_branch.yml
@@ -1,15 +1,13 @@
 name: check PR branch
 
-on: [pull_request]
+on:
+  pull_request:
+    branches:
+      - main
+
 jobs:
   check-PR-branch:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
-        with:
-          fetch-depth: 0
-
-      - name: Dump GitHub context
-        env:
-          GITHUB_CONTEXT: ${{ toJson(github) }}
-        run: echo "$GITHUB_CONTEXT"
+      - name: PRs should not target main
+        run: exit 1

From f4619fbbf47f3e17b71ac208f4522b5b84d04a57 Mon Sep 17 00:00:00 2001
From: Max Katz <maxpkatz@gmail.com>
Date: Sun, 15 Oct 2023 20:35:55 -0400
Subject: [PATCH 15/19] Update

---
 .github/workflows/check_pr_branch.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/check_pr_branch.yml b/.github/workflows/check_pr_branch.yml
index 5d12a9303d..cdf7663c8f 100644
--- a/.github/workflows/check_pr_branch.yml
+++ b/.github/workflows/check_pr_branch.yml
@@ -9,5 +9,5 @@ jobs:
   check-PR-branch:
     runs-on: ubuntu-latest
     steps:
-      - name: PRs should not target main
+      - name: PRs should not target main. Use development instead.
         run: exit 1

From fc60a9365a3c1e962f354048acfeddfbdac7e3c2 Mon Sep 17 00:00:00 2001
From: Max Katz <maxpkatz@gmail.com>
Date: Sun, 15 Oct 2023 22:23:32 -0400
Subject: [PATCH 16/19] Try again

---
 .github/workflows/check_pr_branch.yml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/.github/workflows/check_pr_branch.yml b/.github/workflows/check_pr_branch.yml
index cdf7663c8f..b8df8d60b9 100644
--- a/.github/workflows/check_pr_branch.yml
+++ b/.github/workflows/check_pr_branch.yml
@@ -4,6 +4,9 @@ on:
   pull_request:
     branches:
       - main
+  pull_request_target:
+    branches:
+      - main
 
 jobs:
   check-PR-branch:

From 24cde5e9059f50b63bdf0a94156cf8d65b27639c Mon Sep 17 00:00:00 2001
From: "Eric T. Johnson" <eric.t.johnson@stonybrook.edu>
Date: Fri, 5 Apr 2024 18:21:24 -0400
Subject: [PATCH 17/19] Rework how the branch is checked

The `edited` activity type includes changes to the base branch, so we
need to add that to the trigger types. It also needs to run on
development as well as main, so the workflow can succeed once the base
branch is changed.
---
 .github/workflows/check_pr_branch.yml | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/.github/workflows/check_pr_branch.yml b/.github/workflows/check_pr_branch.yml
index b8df8d60b9..1516b61ed8 100644
--- a/.github/workflows/check_pr_branch.yml
+++ b/.github/workflows/check_pr_branch.yml
@@ -2,15 +2,16 @@ name: check PR branch
 
 on:
   pull_request:
-    branches:
-      - main
-  pull_request_target:
-    branches:
-      - main
+    types:
+      - opened
+      - synchronize
+      - reopened
+      - edited
 
 jobs:
   check-PR-branch:
     runs-on: ubuntu-latest
+    if: ${{ github.base_ref == 'main' }}
     steps:
       - name: PRs should not target main. Use development instead.
         run: exit 1

From 465a5c763b08f26ce40f4a51506a32e2606185f7 Mon Sep 17 00:00:00 2001
From: "Eric T. Johnson" <eric.t.johnson@stonybrook.edu>
Date: Fri, 5 Apr 2024 18:49:28 -0400
Subject: [PATCH 18/19] Do the check in bash, so we get "Successful" instead of
 "Skipped"

---
 .github/workflows/check_pr_branch.yml | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/check_pr_branch.yml b/.github/workflows/check_pr_branch.yml
index 1516b61ed8..c95f041cc0 100644
--- a/.github/workflows/check_pr_branch.yml
+++ b/.github/workflows/check_pr_branch.yml
@@ -11,7 +11,10 @@ on:
 jobs:
   check-PR-branch:
     runs-on: ubuntu-latest
-    if: ${{ github.base_ref == 'main' }}
     steps:
-      - name: PRs should not target main. Use development instead.
-        run: exit 1
+      - name: PRs should not target main
+        run: |
+          if [[ "${{ github.base_ref }}" == "main" ]]; then
+            echo 'Pull requests must not be made agains main. Please target development instead.'
+            exit 1
+          fi

From fd959d89a73f6239cac103126b34513084de5511 Mon Sep 17 00:00:00 2001
From: "Eric T. Johnson" <eric.t.johnson@stonybrook.edu>
Date: Fri, 5 Apr 2024 18:53:22 -0400
Subject: [PATCH 19/19] Typo

---
 .github/workflows/check_pr_branch.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/check_pr_branch.yml b/.github/workflows/check_pr_branch.yml
index c95f041cc0..3543088221 100644
--- a/.github/workflows/check_pr_branch.yml
+++ b/.github/workflows/check_pr_branch.yml
@@ -15,6 +15,6 @@ jobs:
       - name: PRs should not target main
         run: |
           if [[ "${{ github.base_ref }}" == "main" ]]; then
-            echo 'Pull requests must not be made agains main. Please target development instead.'
+            echo 'Pull requests must not be made against main. Please target development instead.'
             exit 1
           fi