ci(corepack): pinned the expected dev version of npm and explicitly used it for audit signatures

travi · travi · commit 023633990e81 · 2024-03-22T14:22:42.000-05:00
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -24,7 +24,7 @@ jobs:
           cache: npm
           node-version: lts/*
       - run: npm clean-install
-      - run: npm audit signatures
+      - run: corepack npm audit signatures
       - run: npx semantic-release
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -41,7 +41,7 @@ jobs:
           node-version: lts/*
           cache: npm
       - run: npm clean-install
-      - run: npm audit signatures
+      - run: corepack npm audit signatures
       - run: npm run lint
       - name: All matrix versions passed
         if: ${{ !(contains(needs.*.result, 'failure')) }}
diff --git a/package.json b/package.json
@@ -107,5 +107,6 @@
     "extends": [
       "github>semantic-release/.github:renovate-config"
     ]
-  }
+  },
+  "packageManager": "npm@10.5.0+sha256.17ca6e08e7633b624e8f870db81a78f46afe119de62bcaf0a7407574139198fc"
 }

Original file line number	Diff line number	Diff line change
`@@ -107,5 +107,6 @@`
`107`	`107`	`"extends": [`
`108`	`108`	`"github>semantic-release/.github:renovate-config"`
`109`	`109`	`]`
`110`		`- }`
	`110`	`+ },`
	`111`	`+ "packageManager": "[email protected]+sha256.17ca6e08e7633b624e8f870db81a78f46afe119de62bcaf0a7407574139198fc"`
`111`	`112`	`}`