chore(repo): fix npm-audit workflow, only run on origin (#28457)

2024-10-15 23:38:21 +04:00 · 2024-10-15 23:38:21 +04:00 · 3cab51389f
commit 3cab51389f
parent 45b0b7d902
1 changed files with 4 additions and 8 deletions
--- a/.github/workflows/npm-audit.yml
+++ b/.github/workflows/npm-audit.yml
@ -8,25 +8,21 @@ on:
 permissions: {}
 jobs:
  audit:
+    if: ${{ github.repository_owner == 'nrwl' }}
    permissions:
      contents: read  #  to fetch code (actions/checkout)
-
    runs-on: ubuntu-latest
-
    steps:
      - name: Checkout
        uses: actions/checkout@v3

-      - name: Install PNPM
-        run: |
-          npm install -g @pnpm/exe@8
+      - uses: pnpm/action-setup@v4
+        with:
+          version: 9.8.0 # Aligned with root package.json (pnpm/action-setup will helpfully error if out of sync)

      - name: Run a security audit
        run: pnpm dlx audit-ci --critical --report-type summary

-    # - name: Run Dependency confusion supply chain check
-    #  run: npx snync -d .
-
  report:
    if: ${{ always() && github.repository_owner == 'nrwl' && github.event_name != 'workflow_dispatch' }}
    needs: audit