Added pnpm_9 support to dependabot.

npm_and_yarn/lib/dependabot/npm_and_yarn/file_updater/pnpm_lockfile_updater.rb

@@ -51,7 +51,9 @@ def run_pnpm_update(pnpm_lock:)
             SharedHelpers.with_git_configured(credentials: credentials) do
               run_pnpm_updater
 
-              write_final_package_json_files
+              version = Helpers.pnpm_version_numeric(pnpm_lock)
+
+              write_final_package_json_files(version)
 
               run_pnpm_install
 
@@ -132,11 +134,15 @@ def raise_package_access_error(dependency_url, pnpm_lock)
           raise PrivateSourceAuthenticationFailure, reg
         end
 
-        def write_final_package_json_files
+        def write_final_package_json_files(version)
           package_files.each do |file|
             path = file.name
             FileUtils.mkdir_p(Pathname.new(path).dirname)
-            File.write(path, updated_package_json_content(file))
+            content = updated_package_json_content(file)
+            source = "  \"dependencies\""
+            target = "  \"packageManager\": \"pnpm@#{version}.0.0\",\n  \"dependencies\""
+            content = content.to_s.gsub(source, target) unless content.to_s.include?("Error:") || version.nil?
+            File.write(path, content)
           end
         end
 

npm_and_yarn/spec/dependabot/npm_and_yarn/file_updater_spec.rb

@@ -3666,8 +3666,8 @@
       let(:repo_contents_path) { build_tmp_repo(project_name, path: "projects") }
       let(:files) { project_dependency_files(project_name) }
 
-      describe "simple case" do
-        let(:project_name) { "pnpm/simple" }
+      describe "simple pnpm version 6 scenario" do
+        let(:project_name) { "pnpm/simple/pnpm_6" }
 
         it "keeps the lockfileVersion" do
           expect(updated_pnpm_lock.content).to include("lockfileVersion: '6.0'")
@@ -3678,6 +3678,24 @@
         end
       end
 
+      describe "simple pnpm version 9 scenario" do
+        context "when packageManager property mentioned in package.json" do
+          let(:project_name) { "pnpm/simple/pnpm_9" }
+
+          it "keeps the lockfileVersion" do
+            expect(updated_pnpm_lock.content).to include("lockfileVersion: '9.0'")
+          end
+        end
+
+        context "when packageManager property is not mentioned in package.json" do
+          let(:project_name) { "pnpm/simple/pnpm_no_package_manager" }
+
+          it "keeps the lockfileVersion" do
+            expect(updated_pnpm_lock.content).to include("lockfileVersion: '9.0'")
+          end
+        end
+      end
+
       context "when updating only the lockfile" do
         let(:project_name) { "pnpm/lockfile_only_change" }
 

npm_and_yarn/spec/fixtures/projects/pnpm/simple/pnpm_9/package.json

@@ -0,0 +1,6 @@
+{
+  "packageManager": "pnpm@9.4.0",
+  "dependencies": {
+    "fetch-factory": "^0.0.1"
+  }
+}

npm_and_yarn/spec/fixtures/projects/pnpm/simple/pnpm_no_package_manager/package.json

@@ -0,0 +1,5 @@
+{
+  "dependencies": {
+    "fetch-factory": "^0.0.1"
+  }
+}