From fddb8208af8d98b3e438c5e5af4f51d856693f21 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Thu, 5 Feb 2026 04:14:17 +0000 Subject: [PATCH] fix: deps/npm/package.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-TAR-15127355 --- deps/npm/package.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/deps/npm/package.json b/deps/npm/package.json index fb2b04c1b5c60f..ad2dbb290a3590 100644 --- a/deps/npm/package.json +++ b/deps/npm/package.json @@ -93,7 +93,7 @@ "once": "~1.4.0", "opener": "~1.4.3", "osenv": "~0.1.4", - "pacote": "^7.0.2", + "pacote": "^21.0.1", "path-is-inside": "~1.0.2", "promise-inflight": "~1.0.1", "qrcode-terminal": "~0.11.0", @@ -116,7 +116,7 @@ "sorted-union-stream": "~2.1.3", "ssri": "~5.0.0", "strip-ansi": "~4.0.0", - "tar": "^4.0.2", + "tar": "^7.5.7", "text-table": "~0.2.0", "uid-number": "0.0.6", "umask": "~1.1.0",