From 1668f6f17c0b4288c559330da44010ff2058cbef Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sat, 24 Jan 2026 05:35:33 +0000 Subject: [PATCH] fix: deps/npm/node_modules/sigstore/package.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-TAR-15038581 --- deps/npm/node_modules/sigstore/package.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/deps/npm/node_modules/sigstore/package.json b/deps/npm/node_modules/sigstore/package.json index 02655a6c79bc81..927c5a93130e75 100644 --- a/deps/npm/node_modules/sigstore/package.json +++ b/deps/npm/node_modules/sigstore/package.json @@ -37,8 +37,8 @@ }, "dependencies": { "@sigstore/protobuf-specs": "^0.1.0", - "@sigstore/tuf": "^1.0.1", - "make-fetch-happen": "^11.0.1" + "@sigstore/tuf": "^3.0.0", + "make-fetch-happen": "^14.0.1" }, "engines": { "node": "^14.17.0 || ^16.13.0 || >=18.0.0"