fix!: save the whole tarball URL, when it doesn't use the standard format

[zkochan]

pnpm doesn't store the URLs to package tarballs, when the package tarball URL may be calculated automatically using the registry, package name and version.

For instance, if we know that the package is hosted in the https://registry.npmjs.org registry and the name of the package is is-odd and the version of the package is 1.0.0, then we know that we can download the tarball from:

https://registry.npmjs.org/is-odd/-/is-odd-1.0.0.tgz

However, if the registry uses a different URL format for storing the tarballs, then we can't calculate it automatically and in this case we need to store that tarball URL in the lockfile. Currently, we don't store the whole URL in the lockfile, just the URL path. So, for instance, if the tarball was hosted at https://registry.npmjs.org/tar/is-odd@1.0.0.tgz, then we would add this to the lockfile:

tarball: tar/is-odd@1.0.0.tgz

The disadvantage of this approach is that if someone changes the registry and tries to run pnpm install, installation will probably fail with a 404 error because the other registry may use a different tarball URL.