Misleading wording regarding permissions and access to secrets in `pull_request` workflows

[monholm]

Code of Conduct

• I have read and agree to the GitHub Docs project's Code of Conduct

What article on docs.github.com is affected?

https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#accessing-secrets

What part(s) of the article would you like to see updated?

The phrase Workflows triggered using the pull_request event have read-only permissions and have no access to secrets is incorrect, as this is only the case for workflows triggered from a fork.

The phrase should be updated to clarify that this is not the case for pull requests from a branch within the repository.

Additional information

No response

[welcome]

Thanks for opening this issue. A GitHub docs team member should be by to give feedback soon. In the meantime, please check out the contributing guidelines.

[cmwilson21]

@Simon-TechForm Thank you for opening an issue and linking it to your PR! ✨

[majedonaa]

حين تكون الاجراءات اللامركزية حاضرة في التواصل مع الاخرين فان الاعدادات المركزيه ... سيي

[github-actions]

A stale label has been added to this issue becuase it has been open for 60 days with no activity. To keep this issue open, add a comment within 3 days.

[github-actions]

A stale label has been added to this issue because it has been open for 60 days with no activity. To keep this issue open, add a comment within 3 days.