
Support PNPM Auto Fix#1296

Open
orto17 wants to merge 7 commits into jfrog:v3_er from orto17:pnpm_fix

Conversation

Contributor

@orto17 orto17 commented May 4, 2026

  • All tests passed. If this feature is not already covered by the tests, I added new tests.
  • This pull request is on the dev branch.
  • I used gofmt for formatting the code before submitting the pull request.
  • Update documentation about new features / new supported technologies

This PR adds support for PNPM auto-fix:

  1. The pnpm updater reads every package.json path from vulnerability evidence (same shared logic as npm), but only for paths whose basename is package.json, and skips anything under node_modules.
  2. Drops evidence entries that look like pkg@version/package.json (not real files). If nothing is left, error out.
  3. For each remaining package.json — write the suggested fixed version into dependencies / devDependencies / optionalDependencies / overrides (keeping a backup of the file bytes).
  4. Lockfile — if pnpm-lock.yaml next to that manifest is tracked in git, cd to that folder and run pnpm install --lockfile-only --ignore-scripts --no-frozen-lockfile (with the pnpm-specific env, including Corepack workaround) so the lockfile matches the updated manifest. If that command fails, restore package.json from the backup.
  5. If the lockfile is not tracked — leave package.json updated and skip lock regeneration (no pnpm install).

Examples for pull-requests created by the new pnpm package updater:
orto17/pnpm_example#3
orto17/pnpm_example#2

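The five steps in the PR description, written out as an added, stand-alone Go example (this is not the PR's own code nor frogbot's): evidence paths are filtered to real package.json files outside node_modules and without `pkg@version/package.json` pseudo-entries, the fixed version is written into the four dependency sections while a byte-for-byte backup is kept, and lockfile regeneration runs only when pnpm-lock.yaml is git-tracked, restoring the manifest if pnpm fails. All function names, the `git ls-files --error-unmatch` tracking check, and the injected `run` callback are this example's own choices; the PR's pnpm-specific environment (Corepack workaround) is not reproduced.

```go
package main

import (
	"encoding/json"
	"errors"
	"fmt"
	"os"
	"os/exec"
	"path/filepath"
	"strings"
)

// dependencyFields are the package.json sections the updater rewrites (as listed in the PR).
var dependencyFields = []string{"dependencies", "devDependencies", "optionalDependencies", "overrides"}

// pnpmLockfileArgs is the regeneration command from the PR; --ignore-scripts keeps
// dependency lifecycle scripts from executing while the lockfile is rebuilt.
var pnpmLockfileArgs = []string{"install", "--lockfile-only", "--ignore-scripts", "--no-frozen-lockfile"}

// isPseudoManifestPath reports whether a path is a "pkg@version/package.json" reference
// (a dependency identity, not a file on disk). An "@" after the first character of the
// parent segment marks a version suffix, so "@scope/name@1.2.3/package.json" also matches.
func isPseudoManifestPath(p string) bool {
	parent := filepath.Base(filepath.Dir(p))
	return strings.LastIndex(parent, "@") > 0
}

// filterManifestPaths keeps deduplicated real package.json paths: basename must be
// package.json, nothing under node_modules, no pseudo-paths. Empty result is an error.
func filterManifestPaths(evidence []string) ([]string, error) {
	seen := map[string]bool{}
	var out []string
	for _, raw := range evidence {
		p := filepath.ToSlash(filepath.Clean(raw))
		if filepath.Base(p) != "package.json" || isPseudoManifestPath(p) || seen[p] {
			continue
		}
		underNodeModules := false
		for _, seg := range strings.Split(p, "/") {
			if seg == "node_modules" {
				underNodeModules = true
			}
		}
		if underNodeModules {
			continue
		}
		seen[p] = true
		out = append(out, p)
	}
	if len(out) == 0 {
		return nil, errors.New("no package.json files left to update")
	}
	return out, nil
}

// updateManifest sets pkg to fixedVersion in every dependency section that already lists
// it. It returns the new bytes, a copy of the original bytes (the rollback backup) and
// whether anything changed. Sections are decoded one at a time so other fields pass through.
func updateManifest(manifest []byte, pkg, fixedVersion string) (updated, backup []byte, changed bool, err error) {
	backup = append([]byte(nil), manifest...)
	var top map[string]json.RawMessage
	if err = json.Unmarshal(manifest, &top); err != nil {
		return nil, backup, false, fmt.Errorf("parse package.json: %w", err)
	}
	for _, field := range dependencyFields {
		raw, ok := top[field]
		if !ok {
			continue
		}
		var section map[string]interface{}
		if err = json.Unmarshal(raw, &section); err != nil {
			return nil, backup, false, fmt.Errorf("parse %s: %w", field, err)
		}
		if _, listed := section[pkg]; !listed {
			continue
		}
		section[pkg] = fixedVersion
		if raw, err = json.Marshal(section); err != nil {
			return nil, backup, false, err
		}
		top[field] = raw
		changed = true
	}
	if !changed {
		return backup, backup, false, nil
	}
	updated, err = json.MarshalIndent(top, "", "  ")
	return updated, backup, true, err
}

// lockfileTracked asks git whether pnpm-lock.yaml in dir is tracked (non-zero exit otherwise).
func lockfileTracked(dir string) bool {
	cmd := exec.Command("git", "ls-files", "--error-unmatch", "pnpm-lock.yaml")
	cmd.Dir = dir
	return cmd.Run() == nil
}

// runPnpm executes pnpm inside dir with the inherited environment.
func runPnpm(dir string, args []string) error {
	cmd := exec.Command("pnpm", args...)
	cmd.Dir = dir
	return cmd.Run()
}

// applyFix writes the updated manifest; when the lockfile is tracked it regenerates it via
// run and, on failure, writes the backup bytes back so the checkout is left unchanged.
func applyFix(dir string, updated, backup []byte, tracked bool, run func(dir string, args []string) error) error {
	manifest := filepath.Join(dir, "package.json")
	if err := os.WriteFile(manifest, updated, 0o644); err != nil {
		return err
	}
	if !tracked {
		return nil // untracked lockfile: manifest updated, no pnpm install
	}
	if err := run(dir, pnpmLockfileArgs); err != nil {
		if rerr := os.WriteFile(manifest, backup, 0o644); rerr != nil {
			return fmt.Errorf("pnpm failed (%v) and restore failed: %w", err, rerr)
		}
		return fmt.Errorf("lockfile regeneration failed, package.json restored: %w", err)
	}
	return nil
}

func main() {
	// Constructed evidence: two real manifests, one vendored copy, one pseudo-path, one duplicate.
	paths, err := filterManifestPaths([]string{"package.json", "packages/app/package.json",
		"node_modules/lodash/package.json", "lodash@4.17.20/package.json", "package.json"})
	fmt.Println(paths, err)
}
```

The `run` parameter exists so the rollback path can be exercised without pnpm installed; in real use pass `runPnpm` and gate it on `lockfileTracked(dir)`.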
@orto17 orto17 added the safe to test Approve running integration tests on a pull request label May 4, 2026
@github-actions github-actions Bot removed the safe to test Approve running integration tests on a pull request label May 4, 2026
@orto17 orto17 added the safe to test Approve running integration tests on a pull request label May 4, 2026
@github-actions github-actions Bot removed the safe to test Approve running integration tests on a pull request label May 4, 2026
@orto17 orto17 added the safe to test Approve running integration tests on a pull request label May 4, 2026
@github-actions github-actions Bot removed the safe to test Approve running integration tests on a pull request label May 4, 2026