fix: use npm audit for both package managers (retired pnpm endpoint)

2026-04-15 00:20:34 +00:00
parent 2a35b1939e
commit 04acf4a278
1 changed files with 3 additions and 5 deletions
@@ -168,8 +168,6 @@ jobs:

      - name: Security audit
        run: |
-          if [ "${{ steps.pkg-manager.outputs.manager }}" = "pnpm" ]; then
-            pnpm audit --prod
-          else
-            npm audit --omit=dev
-          fi
+          # npm retired the audit endpoint pnpm uses. Use npm's audit for both
+          # package managers to avoid 410 errors.
+          npm audit --omit=dev