From f508c06784e0387651dd34817c90958ce97c241d Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sat, 24 Jan 2026 05:35:43 +0000 Subject: [PATCH] fix: deps/npm/node_modules/@npmcli/arborist/package.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-TAR-15038581 --- deps/npm/node_modules/@npmcli/arborist/package.json | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/deps/npm/node_modules/@npmcli/arborist/package.json b/deps/npm/node_modules/@npmcli/arborist/package.json index 258234b977ea81..b63c2c4874040b 100644 --- a/deps/npm/node_modules/@npmcli/arborist/package.json +++ b/deps/npm/node_modules/@npmcli/arborist/package.json @@ -6,14 +6,14 @@ "@isaacs/string-locale-compare": "^1.1.0", "@npmcli/installed-package-contents": "^1.0.7", "@npmcli/map-workspaces": "^2.0.0", - "@npmcli/metavuln-calculator": "^3.0.1", + "@npmcli/metavuln-calculator": "^9.0.0", "@npmcli/move-file": "^1.1.0", "@npmcli/name-from-folder": "^1.0.1", "@npmcli/node-gyp": "^1.0.3", "@npmcli/package-json": "^1.0.1", - "@npmcli/run-script": "^3.0.0", + "@npmcli/run-script": "^9.0.2", "bin-links": "^3.0.0", - "cacache": "^16.0.0", + "cacache": "^19.0.0", "common-ancestor-path": "^1.0.1", "json-parse-even-better-errors": "^2.3.1", "json-stringify-nice": "^1.1.4", @@ -23,9 +23,9 @@ "npm-install-checks": "^4.0.0", "npm-package-arg": "^9.0.0", "npm-pick-manifest": "^7.0.0", - "npm-registry-fetch": "^13.0.0", + "npm-registry-fetch": "^18.0.1", "npmlog": "^6.0.1", - "pacote": "^13.0.5", + "pacote": "^21.0.1", "parse-conflict-json": "^2.0.1", "proc-log": "^2.0.0", "promise-all-reject-late": "^1.0.0",