chore(deps): update pnpm to v7.4.1

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
pnpm (source)	7.3.0 -> 7.4.1

---

Release Notes

pnpm/pnpm

v7.4.1

Compare Source

Patch Changes

• pnpm install in a workspace with patches should not fail when doing partial installation #​4954.
• Never skip lockfile resolution when the lockfile is not up-to-date and --lockfile-only is used. Even if frozen-lockfile is true #​4951.
• Never add an empty patchedDependencies field to pnpm-lock.yaml.

Our Gold Sponsors

#### Our Silver Sponsors #### What's Changed * fix(lockfile): never add an empty `patchedDependencies` field to `pnpm-lock.yaml` by @​zkochan in https://github.com/pnpm/pnpm/pull/4948 * Add "refs/"+refname to resolution options by @​rotu in https://github.com/pnpm/pnpm/pull/4953 * fix: --lockfile-only in CI and with frozen-lockfile=true by @​zkochan in https://github.com/pnpm/pnpm/pull/4955 * fix: partial install in workspace with patches should not fail by @​zkochan in https://github.com/pnpm/pnpm/pull/4956 #### New Contributors * @​rotu made their first contribution in https://github.com/pnpm/pnpm/pull/4953

Full Changelog: pnpm/pnpm@v7.4.0...v7.4.1

v7.4.0

Compare Source

Minor Changes

• Dependencies patching is possible via the pnpm.patchedDependencies field of the package.json.
  To patch a package, the package name, exact version, and the relative path to the patch file should be specified. For instance:

  {
    "pnpm": {
      "patchedDependencies": {
        "eslint@1.0.0": "./patches/eslint@1.0.0.patch"
      }
    }
  }

• Two new commands added: pnpm patch and pnpm patch-commit.

  pnpm patch <pkg> prepares a package for patching. For instance, if you want to patch express v1, run:

  pnpm patch express@1.0.0
  

  pnpm will create a temporary directory with express@1.0.0 that you can modify with your changes.
  Once you are read with your changes, run:

  pnpm patch-commit <path to temp folder>
  

  This will create a patch file and write it to <project>/patches/express@1.0.0.patch.
  Also, it will reference this new patch file from the patchedDependencies field in package.json:

  {
    "pnpm": {
      "patchedDependencies": {
        "express@1.0.0": "patches/express@1.0.0.patch"
      }
    }
  }

• A new experimental command added: pnpm deploy. The deploy command takes copies a project from a workspace and installs all of its production dependencies (even if some of those dependencies are other projects from the workspace).

  For example, the new command will deploy the project named foo to the dist directory in the root of the workspace:

  pnpm --filter=foo deploy dist
  

• package-import-method supports a new option: clone-or-copy.

• New setting added: include-workspace-root. When it is set to true, the run, exec, add, and test commands will include the root package, when executed recursively #​4906

Patch Changes

• Don't crash when pnpm update --interactive is cancelled with Ctrl+c.

• The use-node-version setting should work with prerelease Node.js versions. For instance:

  use-node-version=18.0.0-rc.3
  

• Return early when the lockfile is up-to-date.

• Resolve native workspace path for case-insensitive file systems #​4904.

• Don't link local dev dependencies, when prod dependencies should only be installed.

• pnpm audit --fix should not add an override for a vulnerable package that has no fixes released.

• Update the compatibility database.

Our Gold Sponsors

##### Our Silver Sponsors ##### What's Changed * feat: patch package by @​zkochan in https://github.com/pnpm/pnpm/pull/4885 * feat: add `patch` and `patch-commit` commands by @​zkochan in https://github.com/pnpm/pnpm/pull/4900 * fix(env): `use-node-version` should work with prerelease versions by @​zkochan in https://github.com/pnpm/pnpm/pull/4903 * refactor: create @​pnpm/node.fetcher by @​zkochan in https://github.com/pnpm/pnpm/pull/4908 * feat(patch): update patched dependencies on install by @​zkochan in https://github.com/pnpm/pnpm/pull/4905 * fix: throw an error if not all patches were applied by @​zkochan in https://github.com/pnpm/pnpm/pull/4911 * fix: a modified patch should update the deps on install by @​zkochan in https://github.com/pnpm/pnpm/pull/4918 * fix: packages should be patched even when scripts are ignored by @​zkochan in https://github.com/pnpm/pnpm/pull/4922 * fix: patch package even if it is not in the onlyBuiltDependencies list by @​zkochan in https://github.com/pnpm/pnpm/pull/4925 * fix: respect include-workspace-root npmrc option by @​shirotech in https://github.com/pnpm/pnpm/pull/4928 * fix: install --lockfile-only should exit early by @​zkochan in https://github.com/pnpm/pnpm/pull/4932 * fix: resolve real path for case insensitive systems by @​mdogadailo in https://github.com/pnpm/pnpm/pull/4935 * feat: deploy command by @​zkochan in https://github.com/pnpm/pnpm/pull/4933 * fix: use recursive for deploy command directory creation by @​ragrag in https://github.com/pnpm/pnpm/pull/4943 * fix: don't fail when the patched pkg appears multiple times by @​zkochan in https://github.com/pnpm/pnpm/pull/4945 ##### New Contributors * @​shirotech made their first contribution in https://github.com/pnpm/pnpm/pull/4928 * @​mdogadailo made their first contribution in https://github.com/pnpm/pnpm/pull/4935 * @​ragrag made their first contribution in https://github.com/pnpm/pnpm/pull/4943

Full Changelog: pnpm/pnpm@v7.3.0...v7.4.0

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, click this checkbox.

---

This PR has been generated by Mend Renovate. View repository job log here.