ci: check dependabot prs originate from repo (#1098)

Author: Fdawgs

.github/workflows/ci.yml

@@ -91,6 +91,7 @@ jobs:
     name: Automatically merge Dependabot pull requests
     if: >
         github.event_name == 'pull_request' &&
+        github.event.pull_request.head.repo.full_name == github.repository &&
         github.event.pull_request.user.login == 'dependabot[bot]'
     needs:
       - dependency-review