chore: update pnpm to v11.7

[zkochan]

Summary by CodeRabbit

• Chores
  • Updated package manager build dependencies to latest versions (11.1.1 → 11.7.0), including platform-specific binaries for Linux, macOS, and Windows, along with related utility dependencies.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro Plus

Run ID: b26ce8c0-e0f9-42c6-96a4-dd348b63ea5e

📥 Commits

Reviewing files that changed from the base of the PR and between b1cac37 and cad25e3.

⛔ Files ignored due to path filters (1)

• dist/index.js is excluded by !**/dist/**

📒 Files selected for processing (1)

• src/install-pnpm/bootstrap/exe-lock.json

📜 Recent review details

🔇 Additional comments (2)

src/install-pnpm/bootstrap/exe-lock.json (2)

1-327: LGTM!

---

8-145: Package versions verified. @pnpm/exe@11.7.0 and platform-specific packages exist and are part of the current pnpm v11 ecosystem. No security advisories apply to version 11.7.0; past vulnerabilities (such as CVE-2023-37478) affected earlier releases. Recent security improvements including registry signature verification for package-manager binaries are in place.

---

📝 Walkthrough

Walkthrough

The exe-lock.json lockfile in the pnpm bootstrap directory is updated to bump @pnpm/exe from 11.1.1 to 11.7.0. The detect-libc dependency range changes from ^2.0.3 to ^2.1.2, and all seven platform-specific optional dependency entries have their version, resolved tarball URL, and integrity hash refreshed.

Changes

@pnpm/exe lockfile bump

Layer / File(s)	Summary
@pnpm/exe and all platform entries updated to 11.7.0 src/install-pnpm/bootstrap/exe-lock.json	Root @pnpm/exe entry bumped to 11.7.0 with detect-libc range updated to ^2.1.2; all platform-specific entries (linux-arm64, linux-x64, linuxstatic-arm64, linuxstatic-x64, macos-arm64, win-arm64, win-x64) have their version, resolved, and integrity fields refreshed from 11.1.1 to 11.7.0.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Poem

A hop, a skip, the lockfile's new,
From 11.1.1 to 11.7.0 it flew! 🐇
Each platform hash refreshed with care,
detect-libc bumped beyond compare.
The rabbit stamps the JSON right—
All checksums sealed, the future's bright! ✨

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately describes the main change: updating pnpm to version 11.7 in the lockfile, which is the primary modification in this PR.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch update-pnpm

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[qodo-free-for-open-source-projects]

PR Summary by Qodo

Update bundled pnpm bootstrap to v11.7.0
⚙️ Configuration changes 🕐 10-20 Minutes

Walkthroughs

Description

• Bump the bundled pnpm bootstrap package (@pnpm/exe) to 11.7.0.
• Refresh the pinned bootstrap lock metadata (URLs, integrity hashes, optional platform deps).

Diagram

graph TD
  A["GitHub Actions runner"] --> B["dist/index.js"] --> C["exe-lock.json"] --> D["npm registry"] --> E["@pnpm/exe 11.7.0"] --> F["pnpm 11.7.0 installed"]

Loading

High-Level Assessment

The PR’s approach (updating the pinned @pnpm/exe bootstrap lock and regenerating the compiled dist output) is the appropriate way to bump the pnpm version for this action. Alternatives like switching to corepack or a different installer mechanism would be broader product/architecture changes beyond a version bump.

File Changes

Other (2)

index.js Regenerate compiled action bundle with pnpm bootstrap v11.7.0 +1/-1

Regenerate compiled action bundle with pnpm bootstrap v11.7.0

• Updates the embedded bootstrap lock/package metadata in the compiled distribution output to reference @pnpm/exe 11.7.0 (and related integrity/resolution fields). This is a generated artifact reflecting the source lockfile update.

dist/index.js

---

exe-lock.json Bump @pnpm/exe bootstrap lock to 11.7.0 +33/-33

Bump @pnpm/exe bootstrap lock to 11.7.0

• Updates the pinned @pnpm/exe version from 11.1.1 to 11.7.0, including refreshed resolved URLs, integrity hashes, and optional platform-specific packages. Also updates the transitive detect-libc range used by the bootstrap.

src/install-pnpm/bootstrap/exe-lock.json

---