diff --git a/.github/workflows/sonar.yml b/.github/workflows/sonar.yml
index 95419a1a1a..778ac0e549 100644
--- a/.github/workflows/sonar.yml
+++ b/.github/workflows/sonar.yml
@@ -12,7 +12,7 @@ on:
       - 'docs/**'
       - 'adr/**'
     branches: [ main ]
-  pull_request:
+  pull_request_target:
     paths-ignore:
       - 'docs/**'
       - 'adr/**'
@@ -21,9 +21,12 @@ on:
 jobs:
   test:
     runs-on: ubuntu-latest
-    if: ${{ github.actor != 'dependabot[bot]' && (( github.event_name == 'push' ) || ( github.event_name == 'pull_request' && github.event.pull_request.head.repo.owner.login == 'operator-framework' )) }}
+    if: ${{ github.actor != 'dependabot[bot]' }}
     steps:
       - uses: actions/checkout@v6
+        with:
+          ref: ${{ github.event.pull_request.head.sha }}
+          fetch-depth: 0
       - name: Set up Java and Maven
         uses: actions/setup-java@v5
         with: