chore(repo): fix npm-audit workflow, only run on origin

nrwl · Oct 15, 2024 · 6a60148 · 6a60148
1 parent e0f9a5c
commit 6a60148
Showing 1 changed file with 4 additions and 8 deletions.
diff --git a/.github/workflows/npm-audit.yml b/.github/workflows/npm-audit.yml
@@ -8,25 +8,21 @@ on:
 permissions: {}
 jobs:
   audit:
+    if: ${{ github.repository_owner == 'nrwl' }}
     permissions:
       contents: read  #  to fetch code (actions/checkout)
-
     runs-on: ubuntu-latest
-
     steps:
       - name: Checkout
         uses: actions/checkout@v3
 
-      - name: Install PNPM
-        run: |
-          npm install -g @pnpm/exe@8
+      - uses: pnpm/action-setup@v4
+        with:
+          version: 9.8.0 # Aligned with root package.json (pnpm/action-setup will helpfully error if out of sync)
 
       - name: Run a security audit
         run: pnpm dlx audit-ci --critical --report-type summary
 
-    # - name: Run Dependency confusion supply chain check
-    #  run: npx snync -d .
-
   report:
     if: ${{ always() && github.repository_owner == 'nrwl' && github.event_name != 'workflow_dispatch' }}
     needs: audit