chore(deps): bump tar and npm by dependabot[bot] · Pull Request #424 · eik-lib/common

dependabot · 2026-02-19T22:40:02Z

Bumps tar and npm. These dependencies needed to be updated together.
Updates tar from 7.5.7 to 7.5.9

Commits

1f0c2c9 7.5.9
fbb0851 build minified version as default export
6b8eba0 7.5.8
2cb1120 fix(unpack): improve UnpackSync symlink error "into" path accuracy
d18e4e1 fix: do not write linkpaths through symlinks
See full diff in compare view

Maintainer changes

This version was pushed to npm by isaacs, a new releaser for tar since your current version.

Install script changes

This version adds prepare script that runs during installation. Review the package contents before updating.

Updates npm from 11.6.4 to 11.10.1

Release notes

Sourced from npm's releases.

v11.10.1

11.10.1 (2026-02-19)

Bug Fixes

9fac412 #8995 improve unknown config warning with .npmrc section hint (#8995) (@umeshmore45)

bb135cc #8981 arborist: fix peerOptional dependency resolution in buildIdealTree (#8981) (@Saibamen, @cursoragent)

5c03826 #8993 remove tabular output from "npm view" (@wraithgar)

4648f26 #8993 remove tabular output from "npm team" (@wraithgar)

Documentation

0a5756d #8998 clarify unsupported custom .npmrc keys and recommend alternatives (#8998) (@maitrawebtech)

22c9153 #8985 fix typo and grammar in README (#8985) (@csmit195, Chris)

Dependencies

aa8ffbf #9002 init-package-json@8.2.5 (#9002)

67a0f09 #9001 glob@13.0.6

56b8fd4 #9001 minimatch@10.2.2

aa7fef5 #9001 minipass@7.1.3

d3a4161 #9000 @npmcli/package-json@7.0.5 (#9000)

7aa9338 #8993 remove cli-columns

f7f7c53 #8991 hoist balanced-match

10cb575 #8991 hoist latest yallist

1b3dc9a #8991 cidr-regex@5.0.3

4307af6 #8991 glob@13.0.5

13b4d6a #8991 minimatch@10.2.1

45d4000 #8991 tar@7.5.9

Chores

40fcab4 #8991 @npmcli/template-oss@4.29.0 (@wraithgar)

1598adb #8991 dev dependency updates (@wraithgar)

workspace: @npmcli/arborist@9.3.1

workspace: @npmcli/config@10.7.1

workspace: libnpmdiff@8.1.2

workspace: libnpmexec@10.2.2

workspace: libnpmfund@7.0.16

workspace: libnpmpack@9.1.2

v11.10.0

11.10.0 (2026-02-11)

Features

cf56a1e #8899 npm trust, per-command config (@reggi)

cf56a1e #8899 npm trust (@reggi)

66d6e11 #8965 add min-release-age (#8965) (@wraithgar)

Dependencies

aae84bf #8973 pacote@21.3.1

8bcb675 #8973 cidr-regex@5.0.2

f87aaab #8973 lru-cache@11.2.6

acec871 #8973 ssri@13.0.1

1e42a86 #8973 glob@13.0.2

e1c08a4 #8973 is-cidr@6.0.3

dfb0e34 #8973 semver@7.7.4

0ee7776 #8973 which@6.0.1

Chores

eb81df8 #8973 dev dependency updates (@wraithgar)

... (truncated)

Changelog

Sourced from npm's changelog.

11.10.1 (2026-02-19)

Bug Fixes

9fac412 #8995 improve unknown config warning with .npmrc section hint (#8995) (@umeshmore45)

bb135cc #8981 arborist: fix peerOptional dependency resolution in buildIdealTree (#8981) (@Saibamen, @cursoragent)

5c03826 #8993 remove tabular output from "npm view" (@wraithgar)

4648f26 #8993 remove tabular output from "npm team" (@wraithgar)

Documentation

0a5756d #8998 clarify unsupported custom .npmrc keys and recommend alternatives (#8998) (@maitrawebtech)

22c9153 #8985 fix typo and grammar in README (#8985) (@csmit195, Chris)

Dependencies

aa8ffbf #9002 init-package-json@8.2.5 (#9002)

67a0f09 #9001 glob@13.0.6

56b8fd4 #9001 minimatch@10.2.2

aa7fef5 #9001 minipass@7.1.3

d3a4161 #9000 @npmcli/package-json@7.0.5 (#9000)

7aa9338 #8993 remove cli-columns

f7f7c53 #8991 hoist balanced-match

10cb575 #8991 hoist latest yallist

1b3dc9a #8991 cidr-regex@5.0.3

4307af6 #8991 glob@13.0.5

13b4d6a #8991 minimatch@10.2.1

45d4000 #8991 tar@7.5.9

Chores

40fcab4 #8991 @npmcli/template-oss@4.29.0 (@wraithgar)

1598adb #8991 dev dependency updates (@wraithgar)

workspace: @npmcli/arborist@9.3.1

workspace: @npmcli/config@10.7.1

workspace: libnpmdiff@8.1.2

workspace: libnpmexec@10.2.2

workspace: libnpmfund@7.0.16

workspace: libnpmpack@9.1.2

11.10.0 (2026-02-11)

Features

cf56a1e #8899 npm trust, per-command config (@reggi)

cf56a1e #8899 npm trust (@reggi)

66d6e11 #8965 add min-release-age (#8965) (@wraithgar)

Dependencies

aae84bf #8973 pacote@21.3.1

8bcb675 #8973 cidr-regex@5.0.2

f87aaab #8973 lru-cache@11.2.6

acec871 #8973 ssri@13.0.1

1e42a86 #8973 glob@13.0.2

e1c08a4 #8973 is-cidr@6.0.3

dfb0e34 #8973 semver@7.7.4

0ee7776 #8973 which@6.0.1

Chores

eb81df8 #8973 dev dependency updates (@wraithgar)

995e757 #8966 Clean up some todos, add tests for previously skipped blocks (@owlstronaut)

workspace: @npmcli/arborist@9.3.0

... (truncated)

Commits

c029cb2 chore: release 11.10.1
9fac412 fix: improve unknown config warning with .npmrc section hint (#8995)
aa8ffbf deps: init-package-json@8.2.5 (#9002)
67a0f09 deps: glob@13.0.6
56b8fd4 deps: minimatch@10.2.2
aa7fef5 deps: minipass@7.1.3
d3a4161 deps: @npmcli/package-json@7.0.5 (#9000)
0a5756d docs: clarify unsupported custom .npmrc keys and recommend alternatives (#8998)
bb135cc fix(arborist): fix peerOptional dependency resolution in buildIdealTree (...
7aa9338 deps: remove cli-columns
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps [tar](https://github.com/isaacs/node-tar) and [npm](https://github.com/npm/cli). These dependencies needed to be updated together. Updates `tar` from 7.5.7 to 7.5.9 - [Release notes](https://github.com/isaacs/node-tar/releases) - [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md) - [Commits](isaacs/node-tar@v7.5.7...v7.5.9) Updates `npm` from 11.6.4 to 11.10.1 - [Release notes](https://github.com/npm/cli/releases) - [Changelog](https://github.com/npm/cli/blob/latest/CHANGELOG.md) - [Commits](npm/cli@v11.6.4...v11.10.1) --- updated-dependencies: - dependency-name: tar dependency-version: 7.5.9 dependency-type: indirect - dependency-name: npm dependency-version: 11.10.1 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Feb 19, 2026

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Comments

chore(deps): bump tar and npm#424

chore(deps): bump tar and npm#424
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/multi-f7fc7d0628

dependabot bot commented on behalf of github Feb 19, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Comments

Conversation

dependabot bot commented on behalf of github Feb 19, 2026

v11.10.1

11.10.1 (2026-02-19)

Bug Fixes

Documentation

Dependencies

Chores

v11.10.0

11.10.0 (2026-02-11)

Features

Dependencies

Chores

11.10.1 (2026-02-19)

Bug Fixes

Documentation

Dependencies

Chores

11.10.0 (2026-02-11)

Features

Dependencies

Chores

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants