Our normal flow is that we create a branch, work on the branch and then publish a PR for code review. We do not require opening a PR immediately.
And one of the points of working on the branch is making sure that we do not create new vulnerabilities and maintain a certain level of test coverage.
My problem is not with github actions 
my problem is that setup that was working previously is not working now without any changes on our side.