From e7699868821285bc764843553cae85c808b6f9ee Mon Sep 17 00:00:00 2001
From: Itxaka <itxaka.garcia@spectrocloud.com>
Date: Fri, 12 Jul 2024 09:22:18 +0200
Subject: [PATCH] run workflows in proper places (#350)

---
 .github/workflows/osv-scanner-pr.yaml | 6 +++---
 .github/workflows/secscan.yaml        | 3 +++
 2 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/osv-scanner-pr.yaml b/.github/workflows/osv-scanner-pr.yaml
index c7a76e7..e461b7e 100644
--- a/.github/workflows/osv-scanner-pr.yaml
+++ b/.github/workflows/osv-scanner-pr.yaml
@@ -3,9 +3,9 @@ name: OSV-Scanner PR Scan
 # Change "main" to your default branch if you use a different name, i.e. "master"
 on:
   pull_request:
-    branches: [main]
-  merge_group:
-    branches: [main]
+  push:
+    branches:
+      - main
 
 permissions:
   # Require writing security events to upload SARIF file to security tab
diff --git a/.github/workflows/secscan.yaml b/.github/workflows/secscan.yaml
index 5f5c3f9..2d51bb8 100644
--- a/.github/workflows/secscan.yaml
+++ b/.github/workflows/secscan.yaml
@@ -3,7 +3,10 @@ name: "Security Scan"
 # Run workflow each time code is pushed to your repository and on a schedule.
 # The scheduled workflow runs every at 00:00 on Sunday UTC time.
 on:
+  pull_request:
   push:
+    branches:
+      - main
   schedule:
   - cron: '0 0 * * 0'