diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 16566f96..c7e5758d 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -18,7 +18,6 @@ env:
 jobs:
   build:
     name: build (${{ matrix.config.os }})
-    if: github.repository == 'arduino/arduino-ide'
     strategy:
       matrix:
         config:
@@ -62,11 +61,11 @@ jobs:
           AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
           IS_NIGHTLY: ${{ github.event_name == 'schedule' || (github.event_name == 'workflow_dispatch' && github.ref == 'refs/heads/main') }}
           IS_RELEASE: ${{ startsWith(github.ref, 'refs/tags/') }}
-          IS_FORK: ${{ github.event.pull_request.head.repo.fork == true }}
+          CAN_SIGN: ${{ secrets[matrix.config.certificate-secret] != '' }}
         run: |
           # See: https://www.electron.build/code-signing
-          if [ $IS_FORK = true ]; then
-            echo "Skipping the app signing: building from a fork."
+          if [ $CAN_SIGN = false ]; then
+            echo "Skipping the app signing: certificate not provided."
           else
             export CSC_LINK="${{ runner.temp }}/signing_certificate.${{ matrix.config.certificate-extension }}"
             echo "${{ secrets[matrix.config.certificate-secret] }}" | base64 --decode > "$CSC_LINK"
@@ -188,7 +187,7 @@ jobs:
 
   release:
     needs: changelog
-    if: github.repository == 'arduino/arduino-ide' && startsWith(github.ref, 'refs/tags/')
+    if: startsWith(github.ref, 'refs/tags/')
     runs-on: ubuntu-latest
     steps:
       - name: Download [GitHub Actions]
@@ -213,6 +212,7 @@ jobs:
           body: ${{ needs.changelog.outputs.BODY }}
 
       - name: Publish Release [S3]
+        if: github.repository == 'arduino/arduino-ide'
         uses: docker://plugins/s3
         env:
           PLUGIN_SOURCE: '${{ env.JOB_TRANSFER_ARTIFACT }}/*'
diff --git a/electron/build/scripts/notarize.js b/electron/build/scripts/notarize.js
index c1311185..05a7b64b 100644
--- a/electron/build/scripts/notarize.js
+++ b/electron/build/scripts/notarize.js
@@ -6,8 +6,8 @@ exports.default = async function notarizing(context) {
     console.log('Skipping notarization: not on CI.');
     return;
   }
-  if (process.env.IS_FORK === 'true') {
-    console.log('Skipping the app notarization: building from a fork.');
+  if (process.env.CAN_SIGN === 'false') {
+    console.log('Skipping the app notarization: certificate was not provided.');
     return;
   }
   const { electronPlatformName, appOutDir } = context;