USThing · FlandiaYingman · Feb 11, 2026 · Feb 11, 2026 · Feb 11, 2026
diff --git a/.github/workflows/check.yml b/.github/workflows/check.yml
@@ -2,9 +2,21 @@ name: Checks
 
 on:
   push:
+    branches:
+      - main
   pull_request:
   workflow_dispatch:
 
+# Use concurrency to deduplicate runs.
+# - For pull requests: group by `pr-<number>` so multiple commits to the same PR
+#   cancel previous runs and only the latest is kept.
+# - For direct pushes: fall back to deduplicating by commit SHA so identical
+#   commits don't trigger multiple concurrent workflows.
+# - Include the `github.workflow` name in the group to avoid cross-workflow collisions.
+concurrency:
+  group: ${{ github.workflow }}-${{ github.event_name == 'pull_request' && format('pr-{0}', github.event.pull_request.number) || github.sha }}
+  cancel-in-progress: true
+
 # Minimal file-level permissions for checks: read repository contents for linting/tests
 permissions:
   contents: read

diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml
@@ -2,9 +2,21 @@ name: Docker CI
 
 on:
   push:
+    branches:
+      - main
   pull_request:
   workflow_dispatch:
 
+# Use concurrency to deduplicate runs.
+# - For pull requests: group by `pr-<number>` so multiple commits to the same PR
+#   cancel previous runs and only the latest is kept.
+# - For direct pushes: fall back to deduplicating by commit SHA so identical
+#   commits don't trigger multiple concurrent workflows.
+# - Include the `github.workflow` name in the group to avoid cross-workflow collisions.
+concurrency:
+  group: ${{ github.workflow }}-${{ github.event_name == 'pull_request' && format('pr-{0}', github.event.pull_request.number) || github.sha }}
+  cancel-in-progress: true
+
 # Minimize permissions for Docker CI; only allow read access to repo contents
 # and package write for pushing images to GHCR.
 permissions: