pnpm9: version is incompatible with "/home/dependabot/dependabot-updater/repo".

[fallemand]

Package ecosystem

npm

Package manager version

pnpm 9

Language version

Node 20

What you expected to see, versus what you actually saw

My repo is now using pnpm 9, so we define in the package.json

"engines": {
    "node": ">=20.6.0",
    "pnpm": "^9.0.4"
  },

But all dependabot updates are failing, since dependabot runs in v8:

updater | Your pnpm version is incompatible with "/home/dependabot/dependabot-updater/repo".
updater | 
updater | Expected version: ^9.0.4
updater | Got: 8.15.6
updater | 
updater | This is happening because the package's manifest has an engines.pnpm field specified.
updater | To fix this issue, install the required pnpm version globally.
updater | 
updater | To install the latest version of pnpm, run "pnpm i -g pnpm".
updater | To check your pnpm version, run "pnpm -v".

If we allow pnpm8, Dependabot will create the PR, but the newly generated pnpm-lock will be broken since it's generated with version 6.

[fallemand]

If we allow pnpm8, Dependabot will create the PR, but the new generated pnpm-lock will be broken, since it's generated with version 6.

[VIKTORVAV99]

We are seeing the same issue with all our dependabot jobs fail due to the above error since updating. Which is quite unfortunate as we expected pnpm 9 to be supported by now.