chore(deps): update pnpm to v7.9.0

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
pnpm (source)	7.6.0 -> 7.9.0

---

Release Notes

pnpm/pnpm

v7.9.0

Compare Source

Minor Changes

• When ignore-dep-scripts is true, ignore scripts of dependencies but run the scripts of the project.
• When ignore-compatibility-db is set to true, the compatibility database will not be used to patch dependencies #​5132.
• Print the versions of packages in peer dependency warnings and errors.
• Support a new hook for passing a custom package importer to the store controller.

Patch Changes

• Don't print the same deprecation warning multiple times.
• On POSIX pnpm setup should suggest users to source the config instead of restarting the terminal.
• Installing a package with bin that points to an .exe file on Windows #​5159.
• Fix bug where the package manifest was not resolved if verify-store-integrity is set to false.
• Fix sorting of keys in lockfile to make it more deterministic and prevent unnecessary churn in the lockfile #​5151.
• Don't create a separate bundle for pnpx.

Our Gold Sponsors

#### Our Silver Sponsors

v7.8.0

Compare Source

Minor Changes

• When publishConfig.directory is set, only symlink it to other workspace projects if publishConfig.linkDirectory is set to true. Otherwise, only use it for publishing #​5115.

Patch Changes

• Don't incorrectly identify a lockfile out-of-date when the package has a publishConfig.directory field #​5124.
• Don't crash when a config file contains a setting with an env variable that doesn't exist #​5093.

Our Gold Sponsors

#### Our Silver Sponsors #### What's Changed * fix: don't incorrectly identify a lockfile out-of-date by @​zkochan in https://github.com/pnpm/pnpm/pull/5126 * feat: publishConfig.linkDirectory by @​zkochan in https://github.com/pnpm/pnpm/pull/5125 * fix: don't crash on a .npmrc with missing env var by @​zkochan in https://github.com/pnpm/pnpm/pull/5127 * chore: fix typo by @​LuciNyan in https://github.com/pnpm/pnpm/pull/5128 #### New Contributors * @​LuciNyan made their first contribution in https://github.com/pnpm/pnpm/pull/5128

Full Changelog: pnpm/pnpm@v7.7.1...v7.8.0

v7.7.1

Compare Source

Patch Changes

• pnpm should not consider a lockfile out-of-date if auto-install-peers is set to true and the peer dependency is in devDependencies or optionalDependencies #​5080.
• Don't incorrectly consider a lockfile out-of-date when workspace:^ or workspace:~ version specs are used in a workspace.

Our Gold Sponsors

#### Our Silver Sponsors #### What's Changed * fix: frozen install in a project with peer deps and `auto-install-peers=true` by @​zkochan in https://github.com/pnpm/pnpm/pull/5120 * fix: don't incorrectly consider a lockfile to be out-of-date by @​zkochan in https://github.com/pnpm/pnpm/pull/5121

Full Changelog: pnpm/pnpm@v7.7.0...v7.7.1

v7.7.0

Compare Source

Minor Changes

• Add experimental lockfile format that should merge conflict less in the importers section. Enabled by setting the use-inline-specifiers-lockfile-format = true feature flag in .npmrc.

  If this feature flag is committed to a repo, we recommend setting the minimum allowed version of pnpm to this release in the package.json engines field. Once this is set, older pnpm versions will throw on invalid lockfile versions.

• Add publishDirectory field to the lockfile and relink the project when it changes.

• verify-store-integrity=false makes pnpm skip checking the integrities of files in the global content-addressable store.

• Allow to set only-built-dependencies[] through .npmrc.

Patch Changes

• It should be possible to publish a package with local dependencies from a custom publish directory (set via publishConfig.directory) #​3901.
• pnpm deploy should inject local dependencies of all types (dependencies, optionalDependencies, devDependencies) #​5078.
• When a project in a workspace has a publishConfig.directory set, dependent projects should install the project from that directory #​3901
• pnpm deploy: accept absolute paths and use cwd instead of workspaceDir for deploy target directory #​4980.
• pnpm setup should update .zshrc in the right directory when a $ZDOTDIR is set.

Our Gold Sponsors

#### Our Silver Sponsors #### What's Changed * fix(deploy): inject all types of deps by @​zkochan in https://github.com/pnpm/pnpm/pull/5084 * fix(make-dedicated-lockfile): prepublishOnly script is automatically … by @​zkochan in https://github.com/pnpm/pnpm/pull/5083 * fix: symlink a workspace pkg correctly, when it has a custom publish dir by @​zkochan in https://github.com/pnpm/pnpm/pull/5089 * feat: add experimental use-inline-specifiers-lockfile-format by @​gluxon in https://github.com/pnpm/pnpm/pull/5091 * fix: plugin-commands-deploy use path resolve on deploy target dir by @​AWare in https://github.com/pnpm/pnpm/pull/5026 * fix: relink the project when its publish directory changes by @​zkochan in https://github.com/pnpm/pnpm/pull/5109 * fix: don't include specifiers field in new experimental lockfile format by @​zkochan in https://github.com/pnpm/pnpm/pull/5110 * feat: verify-store-integrity by @​zkochan in https://github.com/pnpm/pnpm/pull/5112 #### New Contributors * @​AWare made their first contribution in https://github.com/pnpm/pnpm/pull/5026

Full Changelog: pnpm/pnpm@v7.6.0...v7.7.0

---

Configuration

📅 Schedule: Branch creation - "before 5am on Wednesday" in timezone Europe/Berlin, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, click this checkbox.

---

This PR has been generated by Mend Renovate. View repository job log here.

[changeset-bot]

⚠️ No Changeset found

Latest commit: 581d263

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[mheob]

LGTM