Bump tar and jspm

[dependabot]

Removes tar. It's no longer used after updating ancestor dependency jspm. These dependencies need to be updated together.

Removes tar

Updates jspm from 0.16.55 to 4.4.0

Release notes

Sourced from jspm's releases.

4.4.0

What's Changed

• feat: support --hash-entries build flag by @​guybedford in jspm/jspm#2704
• fix: build cache serializability by @​guybedford in jspm/jspm#2705
• Combine subpaths for top-level "imports" by @​guybedford in jspm/jspm#2703

Full Changelog: jspm/jspm@4.3.0...4.4.0

4.3.0

What's Changed

• fix: HTML output produces non-empty importmap by @​guybedford in jspm/jspm#2692
• feat: add getFileList to nodemodules provider by @​guybedford in jspm/jspm#2693
• fix: support npm package aliases in nodemodules provider by @​guybedford in jspm/jspm#2694
• fix: handle github: deps in nodemodules provider to prevent infinite loop by @​guybedford in jspm/jspm#2695
• Add experimental warning to jspm publish by @​guybedford in jspm/jspm#2696
• fix: upgrade sver to v2 and fix peer dependency version resolution by @​guybedford in jspm/jspm#2697
• @​jspm/generator@​2.10.0 and jspm@4.3.0 by @​JayaKrishnaNamburu in jspm/jspm#2698

Full Changelog: jspm/jspm@4.2.0...4.3.0

4.2.0

What's Changed

• fix: htmlInject integrity loading by @​guybedford in jspm/jspm#2677
• fix: use scoped link for cli installs by @​guybedford in jspm/jspm#2678

Full Changelog: jspm/jspm@4.1.5...4.2.0

4.1.5

What's Changed

• fix: link failure with no pins by @​guybedford in jspm/jspm#2670
• feat: support non-resolving providers by @​guybedford in jspm/jspm#2674
• fix: skip package.json check on jspm.io root by @​guybedford in jspm/jspm#2675
• fix: flattenScopes regerssion, rootURL handling by @​guybedford in jspm/jspm#2676

Full Changelog: jspm/jspm@4.1.4...4.1.5

4.1.4

What's Changed

• fix: dangling extractions, perf by @​guybedford in jspm/jspm#2668
• feat: disable pins under scopedLink, import map base Url fix by @​guybedford in jspm/jspm#2669

Full Changelog: jspm/jspm@4.1.3...4.1.4

4.1.3

What's Changed

... (truncated)

Commits

• c09e546 4.4.0
• bcd96a4 feat: combine subpaths for top-level "imports" (#2703)
• 062cf1a fix: build cache serializability (#2705)
• 0136894 feat: support --hash-entries build flag (#2704)
• 3dc89cd @​jspm/generator@​2.10.0 and jspm@4.3.0 (#2698)
• e01ccb7 fix: upgrade sver to v2 and fix peer dependency version resolution (#2697)
• ac6e9da chore: add experimental warning to jspm publish (#2696)
• d6a27bd fix: handle github: deps in nodemodules provider to prevent infinite loop (#2...
• 3bac821 fix: support npm package aliases in nodemodules provider (#2694)
• 3948db6 feat: add getFileList to nodemodules provider (#2693)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.