Add trustPolicy to pnpm-workspace.json (#5118)

Co-authored-by: btea <[email protected]>

Author: btea

src/schemas/json/pnpm-workspace.json

@@ -796,6 +796,15 @@
     "preferOffline": {
       "description": "Bypass staleness checks for cached data. Missing data will still be requested from the server.",
       "type": "boolean"
+    },
+    "trustPolicy": {
+      "description": "When set to no-downgrade, pnpm will fail if a package's trust level has decreased compared to previous releases. For example, if a package was previously published by a trusted publisher but now only has provenance or no trust evidence, installation will fail. This helps prevent installing potentially compromised versions.",
+      "oneOf": [
+        {
+          "type": "string",
+          "enum": ["off", "no-downgrade"]
+        }
+      ]
     }
   },
   "additionalProperties": false