ci(corepack): pinned the expected dev version of npm and explicitly u…

…sed it for audit signatures (#3221)

.github/workflows/release.yml

@@ -24,7 +24,7 @@ jobs:
           cache: npm
           node-version: lts/*
       - run: npm clean-install
-      - run: npm audit signatures
+      - run: corepack npm audit signatures
       # pinned version updated automatically by Renovate.
       # details at https://semantic-release.gitbook.io/semantic-release/usage/installation#global-installation
       - run: npx semantic-release@21.0.2

.github/workflows/test.yml

@@ -42,7 +42,7 @@ jobs:
           node-version: ${{ matrix.node-version }}
           cache: npm
       - run: npm clean-install
-      - run: npm audit signatures
+      - run: corepack npm audit signatures
       - run: npm test
 
   # verify against the node version defined for development in the .nvmrc
@@ -60,7 +60,7 @@ jobs:
           node-version-file: .nvmrc
           cache: npm
       - run: npm clean-install
-      - run: npm audit signatures
+      - run: corepack npm audit signatures
       - run: npm test
 
   # separate job to set as required in branch protection,

package.json

@@ -161,5 +161,6 @@
     "extends": [
       "github>semantic-release/.github:renovate-config"
     ]
-  }
+  },
+  "packageManager": "npm@10.5.0+sha256.17ca6e08e7633b624e8f870db81a78f46afe119de62bcaf0a7407574139198fc"
 }