Add support for .pnpmrc that would override what’s specified in .npmrc

[ExE-Boss]

pnpm version:

5.5.3

Code to reproduce the issue:

When working on third party repositories where the main package manager is npm, it’s sometimes necessary to override pnpm‑specific options using .npmrc, but when that file is already committed to the repository, adding pnpm‑specific options to it can lead to accidentally committing them.

Using .pnpmrc and .git/info/exclude would eliminate this, as the pnpm‑specific options would be guaranteed to be local.

---

Yarn already does this with its .yarnrc and .yarnrc.yml.

Additional information:

• node -v prints: v14.8.0
• Windows, OS X, or Linux?: Windows

[zkochan]

I am against this change while we still use npm's libraries for configuration. First, we need to implement our own pnpm config commands because we currently pass through to the npm CLI with those commands.

And if we use our own config system, it means that we cannot use npm CLI at all. Now we pass through many commands to npm CLI. So we'd need to reimplement all the commands.

[WRtux]

However, pnpm can be standalone installed using the installation script or through corepack, and as npm is optional when installing Node now, it's possible to have pnpm installed without npm (and there's no warning about npm being not installed). This will cause pnpm config (and other commands) to fail. Maybe relying on npm is not so reliable.

[zkochan]

also, if we decide to have our own config system, maybe we should keep all the authorization stuff inside .npmrc and move everything to a JSON or other type of file. We already have some settings in the pnpm section of package.json (pnpm.overrides).