fix: pnpm update

Fixes a regression introduced by #2692

close #2750

.changeset/shy-files-cheer.md

@@ -0,0 +1,5 @@
+---
+"@pnpm/plugin-commands-installation": patch
+---
+
+Fixes a regression introduced by <https://github.com/pnpm/pnpm/pull/2692>. `pnpm update` should update the direct dependencies of the project.

packages/plugin-commands-installation/src/update/index.ts

@@ -235,7 +235,7 @@ async function update (
     allowNew: false,
     includeDirect,
     update: true,
-    updateMatching: dependencies.every(dep => !dep.substring(1).includes('@')) && opts.depth && opts.depth > 0 && !opts.latest
+    updateMatching: dependencies.length && dependencies.every(dep => !dep.substring(1).includes('@')) && opts.depth && opts.depth > 0 && !opts.latest
       ? matcher(dependencies) : undefined,
     updatePackageManifest: opts.save !== false,
   }, dependencies)

packages/pnpm/test/update.ts

@@ -50,13 +50,17 @@ test('update --no-save', async function (t: tape.Test) {
 })
 
 test('update', async function (t: tape.Test) {
-  await addDistTag('foo', '100.1.0', 'latest')
+  await addDistTag('foo', '100.0.0', 'latest')
   const project = prepare(t, {
     dependencies: {
       foo: '^100.0.0',
     },
   })
 
+  await execPnpm(['install', '--lockfile-only'])
+
+  await addDistTag('foo', '100.1.0', 'latest')
+
   await execPnpm(['update'])
 
   const lockfile = await project.readLockfile()