From d7469c73e456bc1f640d6e19d80518c875a25b6b Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Fri, 22 Mar 2024 14:05:14 +0000 Subject: [PATCH] fix: deps/npm/package.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-TAR-6476909 --- deps/npm/package.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/deps/npm/package.json b/deps/npm/package.json index 5c79d1566c3517..408728e211acaa 100644 --- a/deps/npm/package.json +++ b/deps/npm/package.json @@ -87,7 +87,7 @@ "mississippi": "^3.0.0", "mkdirp": "~0.5.1", "move-concurrently": "^1.0.1", - "node-gyp": "^3.8.0", + "node-gyp": "^7.0.0", "nopt": "~4.0.1", "normalize-package-data": "~2.4.0", "npm-audit-report": "^1.3.1", @@ -105,7 +105,7 @@ "once": "~1.4.0", "opener": "^1.5.0", "osenv": "^0.1.5", - "pacote": "^8.1.6", + "pacote": "^10.3.1", "path-is-inside": "~1.0.2", "promise-inflight": "~1.0.1", "qrcode-terminal": "^0.12.0", @@ -128,7 +128,7 @@ "sorted-union-stream": "~2.1.3", "ssri": "^6.0.0", "stringify-package": "^1.0.0", - "tar": "^4.4.6", + "tar": "^6.2.1", "text-table": "~0.2.0", "tiny-relative-date": "^1.3.0", "uid-number": "0.0.6",