From 1d81343ca940da158249d62fd233463340d6780b Mon Sep 17 00:00:00 2001
From: S34N <12197162+S34NW@users.noreply.github.com>
Date: Wed, 20 Mar 2024 22:24:11 +0000
Subject: [PATCH 1/2] restrict !merge_upstream to PR author or repo members

---
 .github/workflows/merge_upstream_master.yml | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/merge_upstream_master.yml b/.github/workflows/merge_upstream_master.yml
index fab0950222fc..c9d463f31a2d 100644
--- a/.github/workflows/merge_upstream_master.yml
+++ b/.github/workflows/merge_upstream_master.yml
@@ -5,7 +5,14 @@ on:
 
 jobs:
   merge-upstream:
-    if: ${{ github.event.issue.pull_request && github.event.comment.body == '!merge_upstream' }}
+    if: |
+      github.event.issue.pull_request &&
+      (github.event.comment.body == '!merge_upstream') &&
+      ((github.event.sender == github.event.issue.user) ||
+      (github.event.issue.author_association == 'COLLABORATOR') ||
+      (github.event.issue.author_association == 'MEMBER') ||
+      (github.event.issue.author_association == 'OWNER'))
+
     runs-on: ubuntu-latest
     steps:
       - name: PR Data

From f61d88a97c378ff92d7af643a95badb4920329bb Mon Sep 17 00:00:00 2001
From: S34N <12197162+S34NW@users.noreply.github.com>
Date: Wed, 20 Mar 2024 22:32:46 +0000
Subject: [PATCH 2/2] proper syntax please

---
 .github/workflows/merge_upstream_master.yml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/merge_upstream_master.yml b/.github/workflows/merge_upstream_master.yml
index c9d463f31a2d..c95ff17f58ce 100644
--- a/.github/workflows/merge_upstream_master.yml
+++ b/.github/workflows/merge_upstream_master.yml
@@ -9,9 +9,9 @@ jobs:
       github.event.issue.pull_request &&
       (github.event.comment.body == '!merge_upstream') &&
       ((github.event.sender == github.event.issue.user) ||
-      (github.event.issue.author_association == 'COLLABORATOR') ||
-      (github.event.issue.author_association == 'MEMBER') ||
-      (github.event.issue.author_association == 'OWNER'))
+      (github.event.comment.author_association == 'COLLABORATOR') ||
+      (github.event.comment.author_association == 'MEMBER') ||
+      (github.event.comment.author_association == 'OWNER'))
 
     runs-on: ubuntu-latest
     steps: