From 77f71b2d333e1590f1d3147d6d4897a8d385b7af Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 21 Jan 2026 06:23:45 +0000 Subject: [PATCH] fix: deps/npm/node_modules/@npmcli/arborist/package.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-TAR-15038581 --- deps/npm/node_modules/@npmcli/arborist/package.json | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/deps/npm/node_modules/@npmcli/arborist/package.json b/deps/npm/node_modules/@npmcli/arborist/package.json index c9dee34b72c4fb..884c85ad7adb06 100644 --- a/deps/npm/node_modules/@npmcli/arborist/package.json +++ b/deps/npm/node_modules/@npmcli/arborist/package.json @@ -6,14 +6,14 @@ "@isaacs/string-locale-compare": "^1.1.0", "@npmcli/installed-package-contents": "^1.0.7", "@npmcli/map-workspaces": "^2.0.0", - "@npmcli/metavuln-calculator": "^3.0.0", + "@npmcli/metavuln-calculator": "^9.0.0", "@npmcli/move-file": "^1.1.0", "@npmcli/name-from-folder": "^1.0.1", "@npmcli/node-gyp": "^1.0.3", "@npmcli/package-json": "^1.0.1", - "@npmcli/run-script": "^3.0.0", + "@npmcli/run-script": "^9.0.2", "bin-links": "^3.0.0", - "cacache": "^15.0.3", + "cacache": "^19.0.0", "common-ancestor-path": "^1.0.1", "json-parse-even-better-errors": "^2.3.1", "json-stringify-nice": "^1.1.4", @@ -23,9 +23,9 @@ "npm-install-checks": "^4.0.0", "npm-package-arg": "^9.0.0", "npm-pick-manifest": "^7.0.0", - "npm-registry-fetch": "^13.0.0", + "npm-registry-fetch": "^18.0.1", "npmlog": "^6.0.1", - "pacote": "^13.0.2", + "pacote": "^21.0.1", "parse-conflict-json": "^2.0.1", "proc-log": "^2.0.0", "promise-all-reject-late": "^1.0.0",