fix: resolve 7 open Dependabot security alerts #26

	name: Run pnpm build
	on:
	pull_request:

	concurrency:
	group: ${{ github.workflow }}-${{ github.ref }}
	cancel-in-progress: true

	jobs:
	pnpm-build:
	name: pnpm build
	runs-on: ubuntu-latest
	timeout-minutes: 5
	permissions:
	contents: read

	steps:
	- name: Checkout repository
	uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2

	- name: Install pnpm
	uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v4.4.0

	- name: Set up Node.js
	uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
	with:
	node-version: 24
	cache: pnpm
	registry-url: https://registry.npmjs.org

	- name: Install dependencies
	run: pnpm install --frozen-lockfile

	- name: Security audit
	run: pnpm audit

	# - name: Code check (Biome)
	# run: pnpm biome check

	- name: Build project
	run: pnpm build

Provide feedback