From bb5097f5b0af8c540e3961439f15e5c40d62ee05 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Fri, 22 Mar 2024 14:04:44 +0000 Subject: [PATCH] fix: deps/npm/package.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-TAR-6476909 --- deps/npm/package.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/deps/npm/package.json b/deps/npm/package.json index 24827e59cfd9a1..b7243a366e7064 100644 --- a/deps/npm/package.json +++ b/deps/npm/package.json @@ -88,7 +88,7 @@ "mississippi": "^3.0.0", "mkdirp": "~0.5.1", "move-concurrently": "^1.0.1", - "node-gyp": "^3.8.0", + "node-gyp": "^7.0.0", "nopt": "~4.0.1", "normalize-package-data": "^2.5.0", "npm-audit-report": "^1.3.2", @@ -104,7 +104,7 @@ "once": "~1.4.0", "opener": "^1.5.1", "osenv": "^0.1.5", - "pacote": "^9.5.0", + "pacote": "^10.3.1", "path-is-inside": "~1.0.2", "promise-inflight": "~1.0.1", "qrcode-terminal": "^0.12.0", @@ -127,7 +127,7 @@ "sorted-union-stream": "~2.1.3", "ssri": "^6.0.1", "stringify-package": "^1.0.0", - "tar": "^4.4.8", + "tar": "^6.2.1", "text-table": "~0.2.0", "tiny-relative-date": "^1.3.0", "uid-number": "0.0.6",