chore(deps): update pnpm to v7.18.2

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
pnpm (source)	7.16.0 -> 7.18.2

---

Release Notes

pnpm/pnpm

v7.18.2

Compare Source

Patch Changes

• Added --json to the pnpm publish --help output #​5773.
• pnpm update should not replace workspace:*, workspace:~, and workspace:^ with workspace:<version> #​5764.
• The fatal error should be printed in JSON format, when running a pnpm command with the --json option #​5710.
• Throw an error while missing script start or file server.js #​5782.
• pnpm license list should not fail if a license file is an executable #​5740.

Our Gold Sponsors

Our Silver Sponsors

v7.18.1

Compare Source

Patch Changes

• The update notifier should suggest using the standalone script, when pnpm was installed using a standalone script #​5750.
• Vulnerabilities that don't have CVEs codes should not be skipped by pnpm audit if an ignoreCves list is declared in package.json #​5756.
• It should be possible to use overrides with absolute file paths #​5754.
• pnpm audit --json should ignore vulnerabilities listed in auditConfig.ignoreCves #​5734.
• pnpm licenses should print help, not just an error message #​5745.

Our Gold Sponsors

Our Silver Sponsors

v7.18.0

Compare Source

Minor Changes

• Overrides may be defined as a reference to a spec for a direct dependency by prefixing the name of the package you wish the version to match with a `# pnpm.

  {
    "dependencies": {
      "foo": "^1.0.0"
    },
    "overrides": {
      // the override is defined as a reference to the dependency
      "foo": "$foo",
      // the referenced package does not need to match the overridden one
      "bar": "$foo"
    }
  }

  Issue: #​5703

Patch Changes

• pnpm audit should work when the project's package.json has no version field #​5728
• Dependencies specified via * should be updated to semver ranges by pnpm update #​5681.
• It should be possible to override a dependency with a local package using relative path from the workspace root directory #​5493.
• Exit with non-zero exit code when child process exits with a non-zero exit clode #​5525.
• pnpm add should prefer local projects from the workspace, even if they use prerelease versions #​5316

Our Gold Sponsors

Our Silver Sponsors

v7.17.1

Compare Source

Patch Changes

• pnpm set-script and pnpm pkg are passed through to npm #​5683.
• pnpm publish <tarball path> should exit with non-0 exit code when publish fails #​5396.
• readPackage hooks should not modify the package.json files in a workspace #​5670.
• Comments in package.json5 are preserver #​2008.
• pnpm setup should create PNPM_HOME as a non-expandable env variable on Windows #​4658.
• Fix the CLI help of the pnpm licenses command.

Our Gold Sponsors

Our Silver Sponsors

v7.17.0

Compare Source

Minor Changes

• Added a new command pnpm licenses list, which displays the licenses of the packages #​2825

Patch Changes

• pnpm update --latest !foo should not update anything if the only dependency in the project is the ignored one #​5643.
• pnpm audit should send the versions of workspace projects for audit.
• Hoisting with symlinks should not override external symlinks and directories in the root of node_modules.
• The pnpm.updateConfig.ignoreDependencies setting should work with multiple dependencies in the array #​5639.

Our Gold Sponsors

Our Silver Sponsors

v7.16.1

Compare Source

Patch Changes

• Sync all injected dependencies when hoisted node linker is used #​5630

Our Gold Sponsors

Our Silver Sponsors

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.

[github-actions]

PR Compliance Checks

Thank you for your Pull Request! We have run several checks on this pull request in order to make sure it's suitable for merging into this project. The results are listed in the following section.

Issue Reference

In order to be considered for merging, the pull request description must refer to a specific issue number. This is described in our Contributing Guide. We are closing this pull request for now but you can update the pull request description and reopen the pull request.
The check is looking for a phrase similar to: "Fixes #XYZ" or "Resolves #XYZ" where XYZ is the issue number that this PR is meant to address.