NPM package @pnpm/modules-yaml has no trust provenance on latest version 1002.0.1 (trust downgrade)

[CasperRademaker-AbOvo]

ERR_PNPM_TRUST_DOWNGRADE  High-risk trust downgrade for "@pnpm/modules-yaml@1002.0.1" (possible package takeover)

Trust checks are based solely on publish date, not semver. A package cannot be installed if any earlier-published version had stronger trust evidence. Earlier versions had trusted publisher, but this version has no trust evidence. A trust downgrade may indicate a supply chain incident.

This is with pnpm's trustPolicy: no-downgrade

Please let us know: is version 1002.0.1 trusted?
Can a new version be published so that the latest version is trusted by pnpm itself again?

Thank you in advance.

[CasperRademaker-AbOvo]

Opened via issue #11391