diff --git a/.github/workflows/security-scan-source.yml b/.github/workflows/security-scan-source.yml index c7a119f..df148b4 100644 --- a/.github/workflows/security-scan-source.yml +++ b/.github/workflows/security-scan-source.yml @@ -199,7 +199,8 @@ jobs: if: | always() && needs.scan_source.outputs.npm_audit_result == 'failure' - && (github.actor == 'dependabot[bot]' || github.event_name == 'schedule') + && github.actor == 'dependabot[bot]' + && inputs.head_ref != '' && !startsWith(inputs.head_ref, 'audit-fix/') uses: ./.github/workflows/npm-audit-autofix.yml with: