From ac16771c45c2211d33c845fc29c7aed1812bfcf2 Mon Sep 17 00:00:00 2001
From: Matt Travi <programmer@travi.org>
Date: Wed, 13 Mar 2024 22:28:35 -0500
Subject: [PATCH] ci(corepack): pinned the expected dev version of npm and
 explicitly used it for audit signatures

---
 .github/workflows/release.yml | 2 +-
 .github/workflows/test.yml    | 3 ++-
 package.json                  | 3 ++-
 3 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index fa7dc7ae..4b477343 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -24,7 +24,7 @@ jobs:
           cache: npm
           node-version: lts/*
       - run: npm clean-install
-      - run: npm audit signatures
+      - run: corepack npm audit signatures
       - run: npx semantic-release
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
index 6078adce..1f077c40 100644
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -35,6 +35,7 @@ jobs:
           node-version: "${{ matrix.node-version }}"
           cache: npm
       - run: npm clean-install
+      - run: corepack npm audit signatures
       - run: npm test
 
   test_dev:
@@ -46,7 +47,7 @@ jobs:
           node-version-file: .nvmrc
           cache: npm
       - run: npm clean-install
-      - run: npm audit signatures
+      - run: corepack npm audit signatures
       - run: npm test
 
   test:
diff --git a/package.json b/package.json
index 2a479916..89eb5270 100644
--- a/package.json
+++ b/package.json
@@ -119,5 +119,6 @@
     "extends": [
       "github>semantic-release/.github:renovate-config"
     ]
-  }
+  },
+  "packageManager": "npm@10.5.0+sha256.17ca6e08e7633b624e8f870db81a78f46afe119de62bcaf0a7407574139198fc"
 }