diff --git a/.github/workflows/changesets.yml b/.github/workflows/changesets.yml
index 0629abf..0fe2ad1 100644
--- a/.github/workflows/changesets.yml
+++ b/.github/workflows/changesets.yml
@@ -24,7 +24,7 @@ jobs:
 
       - uses: actions/setup-node@v4
         with:
-          node-version: 22
+          node-version: 22.22.0
 
       - run: corepack enable
 
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 713c6dd..89f81df 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -15,7 +15,7 @@ jobs:
 
       - uses: actions/setup-node@v4
         with:
-          node-version: 22
+          node-version: 22.22.0
 
       - run: corepack enable
 
@@ -43,7 +43,7 @@ jobs:
 
       - uses: actions/setup-node@v4
         with:
-          node-version: 22
+          node-version: 22.22.0
 
       - run: corepack enable
 
@@ -71,7 +71,7 @@ jobs:
 
       - uses: actions/setup-node@v4
         with:
-          node-version: 22
+          node-version: 22.22.0
 
       - run: corepack enable
 
@@ -99,7 +99,7 @@ jobs:
 
       - uses: actions/setup-node@v4
         with:
-          node-version: 22
+          node-version: 22.22.0
 
       - run: corepack enable
 
diff --git a/package.json b/package.json
index 5c0f7aa..866272c 100644
--- a/package.json
+++ b/package.json
@@ -77,8 +77,8 @@
       "eslint-processor-vue-blocks": "-",
       "jsonc-eslint-parser": "-",
       "toml-eslint-parser": "-",
-      "is-core-module": "npm:@nolyfill/is-core-module@^1",
-      "safer-buffer": "npm:@nolyfill/safer-buffer@^1"
+      "is-core-module": "npm:@nolyfill/is-core-module@1.0.39",
+      "safer-buffer": "npm:@nolyfill/safer-buffer@1.0.44"
     }
   }
 }
diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml
index 49b15d7..68cd841 100644
--- a/pnpm-lock.yaml
+++ b/pnpm-lock.yaml
@@ -13,8 +13,8 @@ overrides:
   eslint-processor-vue-blocks: '-'
   jsonc-eslint-parser: '-'
   toml-eslint-parser: '-'
-  is-core-module: npm:@nolyfill/is-core-module@^1
-  safer-buffer: npm:@nolyfill/safer-buffer@^1
+  is-core-module: npm:@nolyfill/is-core-module@1.0.39
+  safer-buffer: npm:@nolyfill/safer-buffer@1.0.44
 
 importers:
 
@@ -1350,6 +1350,7 @@ packages:
 
   glob@10.4.5:
     resolution: {integrity: sha512-7Bv8RF0k6xjo7d4A/PxYLbUCfb6c+Vpd2/mB2yRDlew7Jb5hEXiCD9ibfO7wpk8i4sevK6DFny9h7EYbM3/sHg==}
+    deprecated: Old versions of glob are not supported, and contain widely publicized security vulnerabilities, which have been fixed in the current version. Please update. Support for old versions may be purchased (at exorbitant rates) by contacting i@izs.me
     hasBin: true
 
   globals@14.0.0: