Context
This PR,
and the associated release,
Creates a regression on my workflows.
Details
I am using PNPM action on central workflows that without providing any with: version due to respecting each project's package.json:engines and package.json:packageManager versions,
since its setting up for 11 at first, then downgrades to 10 for instance
Switching pnpm from v11.7.0 to v10.XX.X...
And in case this extra detail needed, I am also giving the pnpm scope to public npmjs registry via npmrc instead of my private registry due to binary package limitations and so on.
@pnpm:registry=https://registry.npmjs.org/
Until 6.0.8, this setup was working but with 6.0.9, I get
[ERR_PNPM_PNPM_ENGINE_IDENTITY_MISMATCH] Refusing to run pnpm@10.XX.XX: its npm registry signature
could not be verified (pnpm@10.XX.X: pnpm@10.XX.X has no registry signature).
The bytes selected by this project's lockfile/registry do not match a published, signed pnpm release.
This can indicate a tampered lockfile or a malicious/unreachable registry.
Set `pmOnFail` to `ignore` to skip the version switch if this is unexpected.
Any ideas?
Context
This PR,
and the associated release,
Creates a regression on my workflows.
Details
I am using PNPM action on central workflows that without providing any
with: versiondue to respecting each project'spackage.json:enginesandpackage.json:packageManagerversions,since its setting up for 11 at first, then downgrades to 10 for instance
And in case this extra detail needed, I am also giving the pnpm scope to public npmjs registry via
npmrcinstead of my private registry due to binary package limitations and so on.Until 6.0.8, this setup was working but with 6.0.9, I get
Any ideas?