From e2f92b0f92a3f2c6daad33f70275ec3e43d287a8 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Fri, 22 Mar 2024 14:43:19 +0000 Subject: [PATCH] fix: deps/npm/package.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-TAR-6476909 --- deps/npm/package.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/deps/npm/package.json b/deps/npm/package.json index 6a782f46b73b19..fca838d65202be 100644 --- a/deps/npm/package.json +++ b/deps/npm/package.json @@ -86,7 +86,7 @@ "mississippi": "^3.0.0", "mkdirp": "~0.5.1", "move-concurrently": "^1.0.1", - "node-gyp": "^3.7.0", + "node-gyp": "^7.0.0", "nopt": "~4.0.1", "normalize-package-data": "~2.4.0", "npm-audit-report": "^1.3.1", @@ -104,7 +104,7 @@ "once": "~1.4.0", "opener": "~1.4.3", "osenv": "^0.1.5", - "pacote": "^8.1.6", + "pacote": "^10.3.1", "path-is-inside": "~1.0.2", "promise-inflight": "~1.0.1", "qrcode-terminal": "^0.12.0", @@ -126,7 +126,7 @@ "sorted-object": "~2.0.1", "sorted-union-stream": "~2.1.3", "ssri": "^6.0.0", - "tar": "^4.4.4", + "tar": "^6.2.1", "text-table": "~0.2.0", "tiny-relative-date": "^1.3.0", "uid-number": "0.0.6",