chore(ci): add pnpm security audit and optimize workflow setup

.gitea/workflows/deploy.yml

@@ -161,11 +161,6 @@ jobs:
         uses: pnpm/action-setup@v3
         with:
           version: 10
-      - name: Setup pnpm
-        uses: pnpm/action-setup@v3
-        with:
-          version: 10
-
       - name: Setup Node.js
         uses: actions/setup-node@v4
         with:
@@ -176,6 +171,8 @@ jobs:
           echo "//${{ vars.REGISTRY_HOST || 'npm.infra.mintel.me' }}/:_authToken=${{ secrets.REGISTRY_PASS }}" >> .npmrc
       - name: Install dependencies
         run: pnpm install --frozen-lockfile
+      - name: 🔒 Security Audit
+        run: pnpm audit --audit-level high
       - name: 🧪 QA Checks
         if: github.event.inputs.skip_checks != 'true'
         run: |