feat: update pnpm audit

nashtech-garage · Dec 16, 2024 · 8fcef70 · 8fcef70
1 parent b8a0991
commit 8fcef70
Showing 1 changed file with 6 additions and 0 deletions.
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
@@ -60,6 +60,12 @@ jobs:
                       npm install --audit --prefer-offline
                       npm audit --json > npm-audit-report.json || true
                       cat npm-audit-report.json
+                  elif [ -f "pnpm-lock.yaml" ]; then
+                      echo "Detected pnpm project. Running pnpm audit..."
+                      npm install -g pnpm
+                      pnpm install --frozen-lockfile
+                      pnpm audit --json > pnpm-audit-report.json || true
+                      cat pnpm-audit-report.json
                   elif [ -f "yarn.lock" ]; then
                       echo "Detected Yarn project. Running yarn audit..."
                       yarn install --prefer-offline