From 0bdfc2f6ac84eb8764ffb9bb63b3c08741359d26 Mon Sep 17 00:00:00 2001
From: Eugene Brodsky <ebr@users.noreply.github.com>
Date: Fri, 26 Jan 2024 12:07:31 -0500
Subject: [PATCH] ci: ignore scripts on pnpm install to avoid security exposure

---
 .github/workflows/npm-publish.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/npm-publish.yml b/.github/workflows/npm-publish.yml
index f891285..dbc6077 100644
--- a/.github/workflows/npm-publish.yml
+++ b/.github/workflows/npm-publish.yml
@@ -39,7 +39,7 @@ jobs:
           run_install: false
 
       - name: Install dependencies
-        run: pnpm install --frozen-lockfile
+        run: pnpm install --frozen-lockfile --ignore-scripts
         env:
           # NODE_AUTH_TOKEN: ${{ matrix.registry.token }}
           NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}