chore(deps): update pnpm to v10.9.0

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
pnpm (source)	10.8.0 -> 10.9.0

---

Release Notes

pnpm/pnpm (pnpm)

v10.9.0

Compare Source

Minor Changes

• Added support for installing JSR packages. You can now install JSR packages using the following syntax:

  pnpm add jsr:<pkg_name>
  

  or with a version range:

  pnpm add jsr:<pkg_name>@&#8203;<range>
  

  For example, running:

  pnpm add jsr:@​foo/bar
  

  will add the following entry to your package.json:

  {
    "dependencies": {
      "@​foo/bar": "jsr:^0.1.2"
    }
  }

  When publishing, this entry will be transformed into a format compatible with npm, older versions of Yarn, and previous pnpm versions:

  {
    "dependencies": {
      "@​foo/bar": "npm:@​jsr/foo__bar@^0.1.2"
    }
  }

  Related issue: #​8941.

  Note: The @jsr scope defaults to https://npm.jsr.io/ if the @jsr:registry setting is not defined.

• Added a new setting, dangerouslyAllowAllBuilds, for automatically running any scripts of dependencies without the need to approve any builds. It was already possible to allow all builds by adding this to pnpm-workspace.yaml:

  neverBuiltDependencies: []

  dangerouslyAllowAllBuilds has the same effect but also allows to be set globally via:

  pnpm config set dangerouslyAllowAllBuilds true
  

  It can also be set when running a command:

  pnpm install --dangerously-allow-all-builds
  

Patch Changes

• Fix a false negative in verifyDepsBeforeRun when nodeLinker is hoisted and there is a workspace package without dependencies and node_modules directory #​9424.
• Explicitly drop verifyDepsBeforeRun support for nodeLinker: pnp. Combining verifyDepsBeforeRun and nodeLinker: pnp will now print a warning.

v10.8.1

Compare Source

Patch Changes

• Removed bright white highlighting, which didn't look good on some light themes #​9389.
• If there is no pnpm related configuration in package.json, onlyBuiltDependencies will be written to pnpm-workspace.yaml file #​9404.

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 100.00%. Comparing base (66612ce) to head (e0262f6).
Report is 1 commits behind head on main.

Additional details and impacted files

@@            Coverage Diff            @@
##              main      #731   +/-   ##
=========================================
  Coverage   100.00%   100.00%           
=========================================
  Files            1         1           
  Lines           38        38           
  Branches         5         5           
=========================================
  Hits            38        38           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.