import yarn.lock

[milahu]

start fixing issue #2707

code passes eslint, compiles, runs with success on project jsdom
which is using yarn.lock to force versions, otherwise jsdom fails to compile
jsdom compile is passing, so my patch cant be too bad : ]
but maybe other projects fail to compile with this pnpm import

TODO allow to set lockfile like pnpm import [lockfile]

TODO dont run scripts after pnpm import, only after pnpm install
import only creates the pnpm-lock.yaml file
maybe run install after import?

TODO why does pnpm import say 'Already up-to-date'?

TODO tell the user what lockfile is imported

getAllVersionsByPackageNames(npmPackageLock.dependencies[packageName], versionsByPackageNames)

.... why make the deps-tree flat?
= pass versionsByPackageNames on recursion
not versionsByPackageNames[packageName].dependencies
npm lockfiles allow locking of top-level AND sub dependency versions
i also dont understand the manpage on limitations

npm can install the same name@version multiple times and with different sets of dependencies. npm's shrinkwrap file is designed to reflect the node_modules layout created by npm. pnpm cannot create a similar layout, so it cannot respect npm's lockfile format. However, see pnpm import.

my understanding was that pnpm can install different versions
in pnpm's nested (non-flat) node_modules tree

import * as pnpmConst from '@pnpm/constants'
const WANTED_LOCKFILE: string = pnpmConst.WANTED_LOCKFILE

.... is needed to make eslint happy
see eslint rule @typescript-eslint/restrict-template-expressions

using 'foreign lockfile' as shortname for a non-pnpm lockfile
could use a better name. 'external lockfile'?

[zkochan]

Great to see a new contributor! Let us know when it is ready for review.
And don't hesitate to ask questions