From 605594468d78932c1f65a9d4ad476d14a04255fd Mon Sep 17 00:00:00 2001
From: xingsy97 <87063252+xingsy97@users.noreply.github.com>
Date: Tue, 14 Jan 2025 17:33:35 +0800
Subject: [PATCH 1/2] init

---
 .github/workflows/socketio_e2e.yml            | 51 +++++++++++++++++--
 .../test/index.ts                             |  1 +
 2 files changed, 48 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/socketio_e2e.yml b/.github/workflows/socketio_e2e.yml
index d79bfd404..c1b1dd1f4 100644
--- a/.github/workflows/socketio_e2e.yml
+++ b/.github/workflows/socketio_e2e.yml
@@ -1,6 +1,4 @@
-# This workflow will do a clean installation of node dependencies, cache/restore them, build the source code and run tests across different versions of node
 # For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-nodejs
-
 name: Socket.IO E2E test
 on:
   push:
@@ -12,7 +10,8 @@ on:
     paths:
      - 'sdk/**'
 env:
-  NODE_VERSION: '18.x'                # set this to the node version to use
+  NODE_VERSION: '18.x'
+
 jobs:
   build:
     name: Socket.IO E2E tests
@@ -21,17 +20,60 @@ jobs:
     strategy:
       matrix:
         node-version: [18.x]
+
+    # Add permissions if needed
+    permissions:
+      contents: read
+      pull-requests: read
+
     steps:
-    - uses: actions/checkout@v3
+    # Security check for PRs
+    - name: Check if PR is from a fork
+      if: github.event_name == 'pull_request_target'
+      run: |
+        if [ "${{ github.event.pull_request.head.repo.full_name }}" != "${{ github.repository }}" ]; then
+          echo "PR is from a fork - checking if author has write access"
+          if [ "${{ github.event.pull_request.author_association }}" != "CONTRIBUTOR" ] && 
+             [ "${{ github.event.pull_request.author_association }}" != "MEMBER" ] && 
+             [ "${{ github.event.pull_request.author_association }}" != "OWNER" ]; then
+            echo "PR author doesn't have required permissions"
+            exit 1
+          fi
+        fi
+
+    # First checkout the base repo to get workflow files
+    - name: Checkout base repository
+      uses: actions/checkout@v3
+      if: github.event_name == 'pull_request_target'
+      with:
+        ref: main
+        fetch-depth: 3
+
+    # Then checkout the PR code
+    - name: Checkout PR
+      uses: actions/checkout@v3
+      if: github.event_name == 'pull_request_target'
+      with:
+        ref: ${{ github.event.pull_request.head.sha }}
+        repository: ${{ github.event.pull_request.head.repo.full_name }}
+        fetch-depth: 3
+
+    # For push events, just do normal checkout
+    - name: Checkout for push
+      uses: actions/checkout@v3
+      if: github.event_name == 'push'
       with:
         fetch-depth: 3
+
     - name: Set up Node.js
       uses: actions/setup-node@v3
       with:
         node-version: ${{ env.NODE_VERSION }}
         cache: 'npm'
+
     - name: Install dependencies
       run: npm install -g yarn
+
     - name: Install SocketIO SDK
       id: socketio
       run: |
@@ -43,6 +85,7 @@ jobs:
         yarn build
         popd
       shell: bash
+
     - name: Test
       env:
         WebPubSubConnectionString: ${{ secrets.SOCKETIO_E2E_CONNECTION_STRING }}
diff --git a/sdk/webpubsub-socketio-extension/test/index.ts b/sdk/webpubsub-socketio-extension/test/index.ts
index f3abfcc55..6ca2f50a7 100644
--- a/sdk/webpubsub-socketio-extension/test/index.ts
+++ b/sdk/webpubsub-socketio-extension/test/index.ts
@@ -11,6 +11,7 @@ const wpsOptions = {
 };
 const optS = JSON.stringify(wpsOptions);
 console.debug(`Test Config = ${optS.substring(0, 60)}***${optS.slice(-20)}`);
+console.log("hiiiiiii");
 
 if (wpsOptions.hub !== undefined || wpsOptions.connectionString !== undefined) {
   describe("WebPubSub Socket.IO Extension", () => {

From 7a062ca76dde778f5d343b3837bf842015051a03 Mon Sep 17 00:00:00 2001
From: xingsy97 <87063252+xingsy97@users.noreply.github.com>
Date: Tue, 14 Jan 2025 17:39:46 +0800
Subject: [PATCH 2/2] update

---
 .github/workflows/socketio_e2e.yml | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/socketio_e2e.yml b/.github/workflows/socketio_e2e.yml
index c1b1dd1f4..ea1ad12bf 100644
--- a/.github/workflows/socketio_e2e.yml
+++ b/.github/workflows/socketio_e2e.yml
@@ -39,7 +39,10 @@ jobs:
             echo "PR author doesn't have required permissions"
             exit 1
           fi
+          echo "PR author have required permissions"
+          exit 0
         fi
+        echo "PR is not from a fork"
 
     # First checkout the base repo to get workflow files
     - name: Checkout base repository
@@ -47,7 +50,7 @@ jobs:
       if: github.event_name == 'pull_request_target'
       with:
         ref: main
-        fetch-depth: 3
+        fetch-depth: 1
 
     # Then checkout the PR code
     - name: Checkout PR
@@ -56,14 +59,14 @@ jobs:
       with:
         ref: ${{ github.event.pull_request.head.sha }}
         repository: ${{ github.event.pull_request.head.repo.full_name }}
-        fetch-depth: 3
+        fetch-depth: 1
 
     # For push events, just do normal checkout
     - name: Checkout for push
       uses: actions/checkout@v3
       if: github.event_name == 'push'
       with:
-        fetch-depth: 3
+        fetch-depth: 1
 
     - name: Set up Node.js
       uses: actions/setup-node@v3