I have a project on github that relies on client side static code analysis. When a PR is opened from a fork the CI will fail because the code analysis results cannot be uploaded. This is of course intended behavior because forks shouldn’t have access to secrets like codacy API tokens which are required for uploading. However, I can’t think of a solution that would allow PRs from forks to be analyzed and the results to be integrated into the project’s codacy dashboard.
Does anyone have an idea how to solve this?