Pull requests should use the head_branch for branch restrictions, not the target branch.
For example: if I have a deployment env var restricted to master… every pull req to master shouldn’t be running with the secure deployment env vars. Only approved/merged stuff should run with those env vars.
I know that env vars on pull reqs are restricted to members only… but this is still an unexpected behavior that could compromise the intended security.
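
The difference between the two matching rules, as an added example that is not part of the original post and not the CI service's own code. The `Build` fields, the sample variables, the glob-style restrictions and the `same_repo` fork check are assumptions made for illustration.

```python
from dataclasses import dataclass
from fnmatch import fnmatchcase


@dataclass(frozen=True)
class Build:
    event: str              # "push" or "pull_request"
    target_branch: str      # branch pushed to, or the pull request's base branch
    head_branch: str        # pull request source branch (equals target_branch for a push)
    same_repo: bool = True  # assumption: False when the pull request head lives in a fork


# Constructed sample configuration: variable name -> branch restriction (None = unrestricted).
ENV_VARS = {
    "DEPLOY_KEY": "master",
    "STAGING_TOKEN": "release/*",  # glob restrictions are an assumption of this example
    "LOG_LEVEL": None,
}


def exposed_vars(build, env_vars, match_on):
    """Return the sorted names of the variables a build would receive.

    match_on="target": compare restrictions with the target branch
                       (the behaviour the post reports for pull requests).
    match_on="head":   compare restrictions with the head branch
                       (the behaviour the post asks for).
    """
    if match_on not in ("target", "head"):
        raise ValueError("match_on must be 'target' or 'head'")
    is_pr = build.event == "pull_request"
    use_head = is_pr and match_on == "head"
    branch = build.head_branch if use_head else build.target_branch
    names = []
    for name, restriction in env_vars.items():
        if restriction is None:
            names.append(name)
            continue
        # Assumption beyond the post: under head matching, a fork branch that
        # merely shares the protected name must not count as that branch.
        if use_head and not build.same_repo:
            continue
        if fnmatchcase(branch, restriction):
            names.append(name)
    return sorted(names)
```

With head matching, a pull request from `feature-x` into `master` receives only the unrestricted variable, while the push build that runs after the merge still receives `DEPLOY_KEY`.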