pnpm: Unsafe default behavior breaks integrity check
While it is unclear whether this should be classified as a vulnerability, it is being reported through this channel because the current behavior may represent an unsafe default. Summary pnpm install in non-frozen mode can accept new remote package content after detecting that the downloaded tarba...