Node version set to 0.0.0 in lockfile during some operations

[jrmajor]

Verify latest release

• I verified that the issue exists in the latest pnpm release

pnpm version

No response

Which area(s) of pnpm are affected? (leave empty if unsure)

Lockfile

Link to the code that reproduces this issue or a replay of the bug

No response

Reproduction steps

1. Run pnpm init,
2. Run pnpm add node@runtime:^22.20
3. See that in lockfile, packages['node@runtime:22.20.0'].version is set to 22.20.0,
4. Run pnpm add picocolors,
5. packages['node@runtime:22.20.0'].version is now set to 0.0.0 and the hasBin key has been deleted.
6. If you now run pnpm dedupe now, the version will be restored back to 22.20.0.

Describe the Bug

If node is installed via devEngines, it's entry in lockfile gets corrupted when installing any package.

Expected Behavior

Installing a package doesn't affect node version in the lockfile.

Which Node.js version are you using?

v24.8.0

Which operating systems have you used?

• macOS
• Windows
• Linux

If your OS is a Linux based, which one it is? (Include the version if relevant)

No response