Merge pull request #90 from privilegedescalation/hugh/fix-pnpm-audit-retired-endpoint

fix: use npm audit for both package managers (retired pnpm endpoint)
2026-04-15 01:25:40 +00:00
parent 996b14b325 04acf4a278
commit 07467773b9
1 changed files with 3 additions and 5 deletions
@@ -169,8 +169,6 @@ jobs:

      - name: Security audit
        run: |
-          if [ "${{ steps.pkg-manager.outputs.manager }}" = "pnpm" ]; then
-            pnpm audit --prod
-          else
-            npm audit --omit=dev
-          fi
+          # npm retired the audit endpoint pnpm uses. Use npm's audit for both
+          # package managers to avoid 410 errors.
+          npm audit --omit=dev