Update to use latest corepack version with updated npm registry keys

[koodiohto]

Description:

Currently all our GitHub Actions workflows which use actions/setup-node@v4 fail for error:

/usr/local/lib/node_modules/corepack/dist/lib/corepack.cjs:21535
  if (key == null || signature == null) throw new Error(`Cannot find matching keyid: ${JSON.stringify({ signatures, keys })}`);
                                              ^

Error: Cannot find matching keyid: {"signatures":[{"sig":"MEQCIHGqHbvc2zImUPEPFpT4grh6rMYslel+lAjFArx8+RUdAiBfnJA+bgmUvO5Lctfkq+46KKDQdx/8RhLPge3pA+EdHA==","keyid":"SHA256:DhQ8wR5APBvFHLF/+Tc+AYvPOdTpcIDqOhxsBHRwC7U"}],"keys":[{"expires":null,"keyid":"SHA256:jl3bwswu80PjjokCgh0o2w5c2U4LhQAE57gj9cz1kzA","keytype":"ecdsa-sha2-nistp256","scheme":"ecdsa-sha2-nistp256","key":"MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE1Olb3zMAFFxXKHiIkQO5cJ3Yhl5i6UPp+IhuteBJbuHcA5UogKo0EWtlWwW6KSaKoTNEYL7JlCQiVnkhBktUgg=="}]}
    at verifySignature (/usr/local/lib/node_modules/corepack/dist/lib/corepack.cjs:215[35](https://github.com/fortum/global-web/actions/runs/13108856831/job/36568265864?pr=2446#step:4:37):47)
    at fetchLatestStableVersion (/usr/local/lib/node_modules/corepack/dist/lib/corepack.cjs:21553:5)
    at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
    at async fetchLatestStableVersion2 (/usr/local/lib/node_modules/corepack/dist/lib/corepack.cjs:21672:14)
    at async Engine.getDefaultVersion (/usr/local/lib/node_modules/corepack/dist/lib/corepack.cjs:22292:23)
    at async Engine.executePackageManagerRequest (/usr/local/lib/node_modules/corepack/dist/lib/corepack.cjs:22390:47)
    at async Object.runMain (/usr/local/lib/node_modules/corepack/dist/lib/corepack.cjs:23096:5)

I think the actions/setup-node@v4 should use the latest release version of corepack where the npm registry keys have been updated.

Action version:
v4

Platform:

• Ubuntu

Runner type:

• Hosted

Tools version:

Node.js: 20.18.2
Package Manager: pnpm 9.x

Repro steps:
Use the actions/setup-node@v4 in a GitHub Actions workflow.

Expected behavior:
The setup-node action should install Node.js and configure the package manager without encountering Corepack signature verification errors.

Actual behavior:
The setup-node fails immediately due to Corepack being unable to verify the signature of the npm registry key.

[pi0]

A quick workaround is using below instead of corepack: enable

run: npm i -g --force corepack && corepack enable

[gowridurgad]

Hi @koodiohto,
Thank you for creating this issue. We will investigate it and provide feedback as soon as we have some updates.