chore(deps): update pnpm to v10.0.0-rc.0 (#2330)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| [pnpm](https://pnpm.io)
([source](https://redirect.github.com/pnpm/pnpm/tree/HEAD/pnpm)) |
[`10.0.0-beta.3+sha512.c80ce119df06d870c6029de0040d75ca3fad1e1e386914b691cdf663ec5aa8ab470312580b11257fddf4a340fc6a9737599fc2a489b195c13bf88c86bd3f9006`
->
`10.0.0-rc.0`](https://renovatebot.com/diffs/npm/pnpm/10.0.0-beta.3/10.0.0-rc.0)
|
[![age](https://developer.mend.io/api/mc/badges/age/npm/pnpm/10.0.0-rc.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/npm/pnpm/10.0.0-rc.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/npm/pnpm/10.0.0-beta.3/10.0.0-rc.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/pnpm/10.0.0-beta.3/10.0.0-rc.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|

---

### Release Notes

<details>
<summary>pnpm/pnpm (pnpm)</summary>

###
[`v10.0.0-rc.0`](https://redirect.github.com/pnpm/pnpm/blob/HEAD/pnpm/CHANGELOG.md#1000-rc0)

[Compare
Source](https://redirect.github.com/pnpm/pnpm/compare/v10.0.0-beta.3...v10.0.0-rc.0)

##### Major Changes

-   **`pnpm link` behavior updated**:
The `pnpm link` command now adds overrides to the root `package.json`.
- In a workspace: The override is added to the root of the workspace,
linking the dependency to all projects in the workspace.
- Global linking: To link a package globally, run `pnpm link` from the
package’s directory. Previously, you needed to use `pnpm link -g`.
Related PR:
[#&#8203;8653](https://redirect.github.com/pnpm/pnpm/pull/8653)

-   **Secure hashing with SHA256**:
Various hashing algorithms have been updated to SHA256 for enhanced
security and consistency:
- Long paths inside `node_modules/.pnpm` are now hashed with SHA256.
- Long peer dependency hashes in the lockfile now use SHA256 instead of
MD5. (This affects very few users since these are only used for long
keys.)
- The hash stored in the `packageExtensionsChecksum` field of
`pnpm-lock.yaml` is now SHA256.
    -   The side effects cache keys now use SHA256.
- The pnpmfile checksum in the lockfile now uses SHA256
([#&#8203;8530](https://redirect.github.com/pnpm/pnpm/pull/8530)).

-   **`packageManager` field support**:
`pnpm` now manages its own version based on the `packageManager` field
in `package.json`. To disable this behavior, set
`manage-package-manager-versions` to `false`.

-   **`pnpm test` parameter forwarding**:
`pnpm test` now passes all parameters after the `test` keyword directly
to the underlying script. This matches the behavior of `pnpm run test`.
Previously you needed to use the `--` prefix.
Related PR:
[#&#8203;8619](https://redirect.github.com/pnpm/pnpm/pull/8619)

-   **Refined hoisting behavior**:
Packages containing `eslint` or `prettier` in their name are no longer
hoisted to the root `node_modules`. The default value of the
`public-hoist-pattern` setting has changed.
Related Issue:
[#&#8203;8378](https://redirect.github.com/pnpm/pnpm/issues/8378)

-   **Updated compatibility database**:
Upgraded `@yarnpkg/extensions` to v2.0.3. This may alter your lockfile.

-   **Improved store indexing**:
Index files in the store now reference both the content hash and package
identifier, allowing:
1. Validation that the lockfile’s integrity matches the intended package
(helpful after resolving Git conflicts).
2. Multiple packages or versions with the same content to co-exist in
the store.
Related PR:
[#&#8203;8510](https://redirect.github.com/pnpm/pnpm/pull/8510)
Related Issue:
[#&#8203;8204](https://redirect.github.com/pnpm/pnpm/issues/8204)

-   **More efficient side effects indexing**:
The structure of index files in the store has changed. Side effects are
now tracked more efficiently by listing only file differences rather
than all files.
Related PR:
[#&#8203;8636](https://redirect.github.com/pnpm/pnpm/pull/8636)

-   **Shorter default `virtual-store-dir-max-length` on Windows**:
The default `virtual-store-dir-max-length` has been reduced to 60
characters on Windows.

-   **Escape `#` in virtual store directories**:
The `#` character is now escaped in directory names within
`node_modules/.pnpm`.
Related PR:
[#&#8203;8557](https://redirect.github.com/pnpm/pnpm/pull/8557)

-   **Store version bump to v10**:
    The store layout has changed:
    -   A new `index` directory stores package content mappings.
    -   Previously, these files were in `files`.
- The new store format includes a new structure for side-effects cache
mappings.

-   **Prevent global `pnpm` installation via `pnpm add --global`**:
Running `pnpm add --global pnpm` or `pnpm add --global @&#8203;pnpm/exe`
now fails with an error message, directing you to use `pnpm self-update`
instead.
Related PR:
[#&#8203;8728](https://redirect.github.com/pnpm/pnpm/pull/8728)

-   **URL dependencies recorded by final resolved URL**:
Dependencies added via a URL now record the final resolved URL in the
lockfile, ensuring that any redirects are fully captured.
Related Issue:
[#&#8203;8833](https://redirect.github.com/pnpm/pnpm/issues/8833)

-   **`pnpm deploy` restricted**:
The `pnpm deploy` command now only works in workspaces that have
`inject-workspace-packages=true`.

-   **Reduced environment variables for scripts**:
During script execution, fewer `npm_package_*` environment variables are
set. Only `name`, `version`, `bin`, `engines`, and `config` remain.
Related Issue:
[#&#8203;8552](https://redirect.github.com/pnpm/pnpm/issues/8552)

-   **Lockfile conversion removal**:
Removed conversion from lockfile v6 to v9. If you need v6-to-v9
conversion, use pnpm CLI v9.

-   **Install all dependencies regardless of `NODE_ENV`**:
    All dependencies are now installed even if `NODE_ENV=production`.
Related Issue:
[#&#8203;8827](https://redirect.github.com/pnpm/pnpm/issues/8827)

##### Minor Changes

-   **New `verify-deps-before-run` setting**:
This setting controls how `pnpm` checks `node_modules` before running
scripts:
- `install`: Automatically run `pnpm install` if `node_modules` is
outdated.
    -   `warn`: Print a warning if `node_modules` is outdated.
- `prompt`: Prompt the user to confirm running `pnpm install` if
`node_modules` is outdated.
    -   `error`: Throw an error if `node_modules` is outdated.
    -   `false`: Disable dependency checks.
Related Issue:
[#&#8203;8585](https://redirect.github.com/pnpm/pnpm/issues/8585)

-   **New `inject-workspace-packages` setting**:
Enables hard-linking all local workspace dependencies instead of
symlinking them. Previously, this could be achieved using
[`dependenciesMeta[].injected`](https://pnpm.io/package_json#dependenciesmetainjected),
which remains supported.
Related PR:
[#&#8203;8836](https://redirect.github.com/pnpm/pnpm/pull/8836)

-   **Faster repeat installs**:
On repeated installs, `pnpm` performs a quick check to ensure
`node_modules` is up to date.
Related PR:
[#&#8203;8838](https://redirect.github.com/pnpm/pnpm/pull/8838)

-   **`pnpm add` integrates with default workspace catalog**:
When adding a dependency, `pnpm add` checks the default workspace
catalog. If the dependency and version requirement match the catalog,
`pnpm add` uses the `catalog:` protocol. Without a specified version, it
matches the catalog’s version. If it doesn’t match, it falls back to
standard behavior.
Related Issue:
[#&#8203;8640](https://redirect.github.com/pnpm/pnpm/issues/8640)

##### Patch Changes

-   **Improved `dlx` command resolution**:
`pnpm dlx` now resolves packages to their exact versions and uses these
exact versions for cache keys. This ensures `pnpm dlx` always installs
the latest requested packages.
Related PR:
[#&#8203;8811](https://redirect.github.com/pnpm/pnpm/pull/8811)

-   **No `node_modules` validation on certain commands**:
Commands that should not modify `node_modules` (e.g., `pnpm install
--lockfile-only`) no longer validate or purge `node_modules`.
Related PR:
[#&#8203;8657](https://redirect.github.com/pnpm/pnpm/pull/8657)

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR is behind base branch, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR was generated by [Mend Renovate](https://mend.io/renovate/).
View the [repository job
log](https://developer.mend.io/github/rustymotors/server).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS41OC4xIiwidXBkYXRlZEluVmVyIjoiMzkuNTguMSIsInRhcmdldEJyYW5jaCI6ImRldiIsImxhYmVscyI6W119-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

package.json

@@ -120,7 +120,7 @@
       "pre-commit": "lint-staged"
     }
   },
-  "packageManager": "pnpm@10.0.0-beta.3+sha512.c80ce119df06d870c6029de0040d75ca3fad1e1e386914b691cdf663ec5aa8ab470312580b11257fddf4a340fc6a9737599fc2a489b195c13bf88c86bd3f9006",
+  "packageManager": "pnpm@10.0.0-rc.0+sha512.bce495587126f9a37d64150bf80dcf9bd96f0d64cfd450c9b1a7e5bf2cfc81aef3d50178f259855351c872905a240861a55031652c81e8a11665bfa65f6a1dc2",
   "pnpm": {
     "overrides": {
       "tinymce": "^7.6.0"