From 3cab51389f8384282c320d198af01e412a9c12d0 Mon Sep 17 00:00:00 2001
From: James Henry <james@henry.sc>
Date: Tue, 15 Oct 2024 23:38:21 +0400
Subject: [PATCH] chore(repo): fix npm-audit workflow, only run on origin
 (#28457)

---
 .github/workflows/npm-audit.yml | 12 ++++--------
 1 file changed, 4 insertions(+), 8 deletions(-)

diff --git a/.github/workflows/npm-audit.yml b/.github/workflows/npm-audit.yml
index e0264dadcb..3bfa7ff925 100644
--- a/.github/workflows/npm-audit.yml
+++ b/.github/workflows/npm-audit.yml
@@ -8,25 +8,21 @@ on:
 permissions: {}
 jobs:
   audit:
+    if: ${{ github.repository_owner == 'nrwl' }}
     permissions:
       contents: read  #  to fetch code (actions/checkout)
-
     runs-on: ubuntu-latest
-
     steps:
       - name: Checkout
         uses: actions/checkout@v3
 
-      - name: Install PNPM
-        run: |
-          npm install -g @pnpm/exe@8
+      - uses: pnpm/action-setup@v4
+        with:
+          version: 9.8.0 # Aligned with root package.json (pnpm/action-setup will helpfully error if out of sync)
 
       - name: Run a security audit
         run: pnpm dlx audit-ci --critical --report-type summary
 
-    # - name: Run Dependency confusion supply chain check
-    #  run: npx snync -d .
-
   report:
     if: ${{ always() && github.repository_owner == 'nrwl' && github.event_name != 'workflow_dispatch' }}
     needs: audit