From 44ff8026c19fc785aad0998b903beaf47ff6c38c Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 20 Jan 2026 11:47:39 +0000 Subject: [PATCH] fix: deps/npm/package.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-TAR-15038581 --- deps/npm/package.json | 40 ++++++++++++++++++++-------------------- 1 file changed, 20 insertions(+), 20 deletions(-) diff --git a/deps/npm/package.json b/deps/npm/package.json index c407a66ae12d11..dbee11d8ad14db 100644 --- a/deps/npm/package.json +++ b/deps/npm/package.json @@ -55,17 +55,17 @@ }, "dependencies": { "@isaacs/string-locale-compare": "^1.1.0", - "@npmcli/arborist": "^4.3.1", + "@npmcli/arborist": "^9.0.0", "@npmcli/ci-detect": "^2.0.0", "@npmcli/config": "^3.0.0", "@npmcli/map-workspaces": "^2.0.0", "@npmcli/package-json": "^1.0.1", - "@npmcli/run-script": "^2.0.0", + "@npmcli/run-script": "^9.0.2", "abbrev": "~1.1.1", "ansicolors": "~0.3.2", "ansistyles": "~0.1.3", "archy": "~1.0.0", - "cacache": "^15.3.0", + "cacache": "^19.0.0", "chalk": "^4.1.2", "chownr": "^2.0.0", "cli-columns": "^4.0.0", @@ -79,35 +79,35 @@ "init-package-json": "^2.0.5", "is-cidr": "^4.0.2", "json-parse-even-better-errors": "^2.3.1", - "libnpmaccess": "^5.0.1", - "libnpmdiff": "^3.0.0", - "libnpmexec": "^3.0.3", - "libnpmfund": "^2.0.2", - "libnpmhook": "^7.0.1", - "libnpmorg": "^3.0.1", - "libnpmpack": "^3.1.0", - "libnpmpublish": "^5.0.1", - "libnpmsearch": "^4.0.1", - "libnpmteam": "^3.0.1", - "libnpmversion": "^2.0.2", - "make-fetch-happen": "^10.0.3", + "libnpmaccess": "^9.0.0", + "libnpmdiff": "^8.0.8", + "libnpmexec": "^10.0.0", + "libnpmfund": "^7.0.0", + "libnpmhook": "^11.0.0", + "libnpmorg": "^7.0.0", + "libnpmpack": "^9.0.0", + "libnpmpublish": "^10.0.0", + "libnpmsearch": "^8.0.0", + "libnpmteam": "^7.0.0", + "libnpmversion": "^7.0.0", + "make-fetch-happen": "^14.0.1", "minipass": "^3.1.6", "minipass-pipeline": "^1.2.4", "mkdirp": "^1.0.4", "mkdirp-infer-owner": "^2.0.0", "ms": "^2.1.2", - "node-gyp": "^8.4.1", + "node-gyp": "^11.0.0", "nopt": "^5.0.0", "npm-audit-report": "^2.1.5", "npm-install-checks": "^4.0.0", "npm-package-arg": "^8.1.5", "npm-pick-manifest": "^6.1.1", - "npm-profile": "^6.0.0", - "npm-registry-fetch": "^12.0.2", + "npm-profile": "^11.0.1", + "npm-registry-fetch": "^18.0.1", "npm-user-validate": "^1.0.1", "npmlog": "^6.0.1", "opener": "^1.5.2", - "pacote": "^12.0.3", + "pacote": "^21.0.1", "parse-conflict-json": "^2.0.1", "proc-log": "^1.0.0", "qrcode-terminal": "^0.12.0", @@ -118,7 +118,7 @@ "rimraf": "^3.0.2", "semver": "^7.3.5", "ssri": "^8.0.1", - "tar": "^6.1.11", + "tar": "^7.5.4", "text-table": "~0.2.0", "tiny-relative-date": "^1.3.0", "treeverse": "^1.0.4",