Use pull_request_target for fork PR write access

The pull_request trigger has restricted GITHUB_TOKEN permissions for
fork PRs (read-only). Using pull_request_target runs the workflow in
the context of the base repository, providing write access to post
PR comments.

Added explicit ref to checkout the PR head SHA since pull_request_target
defaults to checking out the base branch.

Author: numbata

.github/workflows/danger.yml

@@ -1,6 +1,6 @@
 ---
 name: danger
-on: pull_request
+on: pull_request_target
 
 permissions:
   contents: read
@@ -13,6 +13,7 @@ jobs:
     - uses: actions/checkout@v6
       with:
         fetch-depth: 0
+        ref: ${{ github.event.pull_request.head.sha }}
     - name: Set up Ruby
       uses: ruby/setup-ruby@v1
       with: