From 893680f249ff1354c71dbd3ffb3c5f832e32911a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 19 Jan 2026 19:29:06 +0000 Subject: [PATCH] Bump tar in the npm_and_yarn group across 1 directory Bumps the npm_and_yarn group with 1 update in the / directory: [tar](https://github.com/isaacs/node-tar). Updates `tar` from 7.5.2 to 7.5.3 - [Release notes](https://github.com/isaacs/node-tar/releases) - [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md) - [Commits](https://github.com/isaacs/node-tar/compare/v7.5.2...v7.5.3) --- updated-dependencies: - dependency-name: tar dependency-version: 7.5.3 dependency-type: direct:production dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] --- cli/package.json | 2 +- package-lock.json | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/cli/package.json b/cli/package.json index 2657697d0ae..3f7e83a65bf 100644 --- a/cli/package.json +++ b/cli/package.json @@ -26,7 +26,7 @@ "pacote": "^21.0.0", "proc-log": "^6.0.0", "semver": "^7.5.4", - "tar": "^7.0.1", + "tar": "^7.5.3", "yaml": "^2.3.4" }, "devDependencies": { diff --git a/package-lock.json b/package-lock.json index 8b33cd4af62..bdb23cba7e0 100644 --- a/package-lock.json +++ b/package-lock.json @@ -94,7 +94,7 @@ "pacote": "^21.0.0", "proc-log": "^6.0.0", "semver": "^7.5.4", - "tar": "^7.0.1", + "tar": "^7.5.3", "yaml": "^2.3.4" }, "devDependencies": { @@ -41291,9 +41291,9 @@ } }, "node_modules/tar": { - "version": "7.5.2", - "resolved": "https://registry.npmjs.org/tar/-/tar-7.5.2.tgz", - "integrity": "sha512-7NyxrTE4Anh8km8iEy7o0QYPs+0JKBTj5ZaqHg6B39erLg0qYXN3BijtShwbsNSvQ+LN75+KV+C4QR/f6Gwnpg==", + "version": "7.5.3", + "resolved": "https://registry.npmjs.org/tar/-/tar-7.5.3.tgz", + "integrity": "sha512-ENg5JUHUm2rDD7IvKNFGzyElLXNjachNLp6RaGf4+JOgxXHkqA+gq81ZAMCUmtMtqBsoU62lcp6S27g1LCYGGQ==", "license": "BlueOak-1.0.0", "dependencies": { "@isaacs/fs-minipass": "^4.0.0",