Dependabot doesn't work with monorepos using pnpm

Is there an existing issue for this?

[X] I have searched the existing issues

Package ecosystem

npm/pnpm

Package manager version

8.15.9

Language version

No response

Manifest location and content before the Dependabot update

package.json pnpm-lock.yaml pnpm-workspace.yaml front/package.json

dependabot.yml content

https://github.com/boxwise/boxtribute/blob/master/.github/dependabot.yml

Updated dependency

No response

What you expected to see, versus what you actually saw

When explicitly listing directories, such as

directories:

/
/front

Dependabot generates updates for packages in the root package.json and in /front. However, it does not update the pnpm-lock.yaml in PRs for packages in the subfolder (for instance: https://github.com/boxwise/boxtribute/pull/1599)

When only listing the 'root' directory (suggested by https://github.com/dependabot/dependabot-core/issues/4993), dependabot ignores the package.json within /front entirely.

Possibly related to https://github.com/dependabot/dependabot-core/issues/6346 (npm, not pnpm)

Native package manager behavior

No response

Images of the diff or a link to the PR, issue, or logs

https://github.com/boxwise/boxtribute/pull/1599

Smallest manifest that reproduces the issue

No response

dependabot / dependabot-core

Dependabot doesn't work with monorepos using pnpm #10758

Is there an existing issue for this?

Package ecosystem

Package manager version

Language version

Manifest location and content before the Dependabot update

dependabot.yml content

Updated dependency

What you expected to see, versus what you actually saw

Native package manager behavior

Images of the diff or a link to the PR, issue, or logs

Smallest manifest that reproduces the issue