From af44744f7eac11234023a8cc0bcb2f94b88d2345 Mon Sep 17 00:00:00 2001
From: sachinh-amazon <188173965+sachinh-amazon@users.noreply.github.com>
Date: Thu, 2 Oct 2025 11:42:56 +0200
Subject: [PATCH 1/3] Fix security scan for fork-origin PRs
---
 .github/workflows/security-scan.yaml | 16 ++++++++++++----
 1 file changed, 12 insertions(+), 4 deletions(-)
diff --git a/.github/workflows/security-scan.yaml b/.github/workflows/security-scan.yaml
index cf04db53..76b7da9f 100644
--- a/.github/workflows/security-scan.yaml
+++ b/.github/workflows/security-scan.yaml
@@ -235,7 +235,7 @@ jobs:
 with:
 role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
 aws-region: us-east-1
- role-session-name: security-scan-${{ matrix.target }}-${{matrix.branch}}
+ role-session-name: scan-${{ matrix.target }}-${{matrix.branch}}
 - name: Publish Scan Invoked metric
 run: |
@@ -248,8 +248,14 @@ jobs:
 - name: Checkout branch
 uses: actions/checkout@v4
 with:
- ref: ${{ matrix.branch }}
+ # For fork-origin PRs, we can't directly use matrix.branch as the branch does not exist in the
+ # Code Editor repo. The branch only exists in the fork.
+ ref: ${{ github.event_name == 'pull_request_target' && github.event.pull_request.head.sha || matrix.branch }}
 submodules: recursive
+
+ - name: Make sure code changes from PR branch are present
+ run: |
+ ls -l
 - name: Update security scan script from main
 run: |
@@ -440,7 +446,7 @@ jobs:
 with:
 role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
 aws-region: us-east-1
- role-session-name: security-scan-global-dependencies-${{matrix.branch}}
+ role-session-name: scan-global-dependencies-${{matrix.branch}}
 - name: Publish Scan Invoked metric
 run: |
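Review bot: The shortened `role-session-name` prefix (here and in the matching hunk at -440/+446) still interpolates `matrix.branch` without any bound, and nothing records why `security-` was dropped. STS limits RoleSessionName to 64 characters drawn from `[\w+=,.@-]`, so if that limit prompted the change, a long branch name or one containing `/` would presumably still fail the assume-role step. A comment such as `# STS RoleSessionName: max 64 chars, [\w+=,.@-] only` above the line would explain it, and a fixed-length value like `scan-${{ matrix.target }}-${{ github.run_id }}` would remove the dependency on branch naming while keeping the session traceable to a run in CloudTrail. The step continues outside the hunk.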
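Review bot: The new `ref` in the `Checkout branch` step (and the identical change in the hunk at -453/+459) checks out fork-controlled code at `github.event.pull_request.head.sha` under `pull_request_target`, in what appears to be the same job where the earlier hunk's context lines show `role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}` being configured before the checkout. Any later step that builds, installs or runs something from the working tree would then process untrusted content with those AWS credentials and the workflow token in reach; the steps after the checkout are outside the hunk, so this needs confirming against the full job. At minimum add `persist-credentials: false` to the checkout's `with:` block and reconsider `submodules: recursive` for PR events, since `.gitmodules` then comes from the fork. Preferably gate the `pull_request_target` path behind maintainer approval (a protected environment or a label check) and assume the role only in steps that never touch PR content. The added `ls -l` step looks like leftover debugging and could be dropped before merge.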
@@ -453,7 +459,9 @@ jobs:
 - name: Checkout branch
 uses: actions/checkout@v4
 with:
- ref: ${{ matrix.branch }}
+ # For fork-origin PRs, we can't directly use matrix.branch as the branch does not exist in the
+ # Code Editor repo. The branch only exists in the fork.
+ ref: ${{ github.event_name == 'pull_request_target' && github.event.pull_request.head.sha || matrix.branch }}
 submodules: recursive
 - name: Update security scan script from main
From 0125e5be17eee3d864be7c4c2df2f3f2aea85b8d Mon Sep 17 00:00:00 2001
From: sachinh35
Date: Thu, 2 Oct 2025 11:59:17 +0200
Subject: [PATCH 2/3] Update build-targets.yaml
---
 .github/workflows/build-targets.yaml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/.github/workflows/build-targets.yaml b/.github/workflows/build-targets.yaml
index bc5b3b54..09f66870 100644
--- a/.github/workflows/build-targets.yaml
+++ b/.github/workflows/build-targets.yaml
@@ -1,4 +1,4 @@
-name: Build Code Editor Targets
+name: Build Code Editor Targets11
 on:
 push:
 branches:
@@ -98,4 +98,4 @@ jobs:
 --namespace "GitHub/Workflows" \
 --metric-name "ExecutionsFailed" \
 --dimensions "Repository=${{ env.REPOSITORY }},Workflow=BuildTargets" \
- --value 1
\ No newline at end of file
+ --value 1
From 3c26ecdd84460fec75fccd727eb78dc0d7d0fe60 Mon Sep 17 00:00:00 2001
From: sachinh35
Date: Thu, 2 Oct 2025 12:01:14 +0200
Subject: [PATCH 3/3] Add a test file.
---
 test-file.txt | 1 +
 1 file changed, 1 insertion(+)
 create mode 100644 test-file.txt
diff --git a/test-file.txt b/test-file.txt
new file mode 100644
index 00000000..26bdedc3
--- /dev/null
+++ b/test-file.txt
@@ -0,0 +1 @@
+Hi there!
\ No newline at end of file
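Review bot: The workflow name change to `Build Code Editor Targets11` in build-targets.yaml looks like a throwaway edit made to exercise the fork-PR path rather than an intended rename, as does `test-file.txt` in patch 3/3. Workflow names are what `workflow_run` triggers and required status checks match on, so anything that references `Build Code Editor Targets` by name would silently stop matching. Suggest dropping both test changes from the series before merge, keeping only the end-of-file newline fix if it is wanted.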