From 0356f1e3d5e3306afd04feb10f3427ead8125182 Mon Sep 17 00:00:00 2001
From: Ben Mares <services-git-throwaway1@tensorial.com>
Date: Thu, 23 Jan 2025 09:00:02 -0800
Subject: [PATCH 1/2] Don't attest from forks

---
 .github/workflows/pypi.yml | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/.github/workflows/pypi.yml b/.github/workflows/pypi.yml
index ee60b6130f..d02e681472 100644
--- a/.github/workflows/pypi.yml
+++ b/.github/workflows/pypi.yml
@@ -37,6 +37,8 @@ jobs:
 
       - name: Attest GitHub build provenance
         uses: actions/attest-build-provenance@v2
+        # Don't attest from forks
+        if: github.repository_owner == 'pymc-devs'
         with:
           subject-path: dist/*.tar.gz
 
@@ -82,6 +84,8 @@ jobs:
 
       - name: Attest GitHub build provenance
         uses: actions/attest-build-provenance@v2
+        # Don't attest from forks
+        if: github.repository_owner == 'pymc-devs'
         with:
           subject-path: ./wheelhouse/*.whl
 
@@ -117,6 +121,8 @@ jobs:
 
       - name: Attest GitHub build provenance
         uses: actions/attest-build-provenance@v2
+        # Don't attest from forks
+        if: github.repository_owner == 'pymc-devs'
         with:
           subject-path: dist/*.whl
 

From 8f46e2c50f89894ab0e762a1a27349f52d424f12 Mon Sep 17 00:00:00 2001
From: Ben Mares <services-git-throwaway1@tensorial.com>
Date: Thu, 23 Jan 2025 09:00:08 -0800
Subject: [PATCH 2/2] Revert "Don't attest from forks"

This reverts commit 0356f1e3d5e3306afd04feb10f3427ead8125182.
---
 .github/workflows/pypi.yml | 6 ------
 1 file changed, 6 deletions(-)

diff --git a/.github/workflows/pypi.yml b/.github/workflows/pypi.yml
index d02e681472..ee60b6130f 100644
--- a/.github/workflows/pypi.yml
+++ b/.github/workflows/pypi.yml
@@ -37,8 +37,6 @@ jobs:
 
       - name: Attest GitHub build provenance
         uses: actions/attest-build-provenance@v2
-        # Don't attest from forks
-        if: github.repository_owner == 'pymc-devs'
         with:
           subject-path: dist/*.tar.gz
 
@@ -84,8 +82,6 @@ jobs:
 
       - name: Attest GitHub build provenance
         uses: actions/attest-build-provenance@v2
-        # Don't attest from forks
-        if: github.repository_owner == 'pymc-devs'
         with:
           subject-path: ./wheelhouse/*.whl
 
@@ -121,8 +117,6 @@ jobs:
 
       - name: Attest GitHub build provenance
         uses: actions/attest-build-provenance@v2
-        # Don't attest from forks
-        if: github.repository_owner == 'pymc-devs'
         with:
           subject-path: dist/*.whl