fix(deps): update dependency tar to v7.5.7 [security]

2026-01-28 17:03:12 +00:00 · 2026-01-28 17:03:12 +00:00 · b313fb56d9
parent 5e2b041f84
commit b313fb56d9
2 changed files with 7 additions and 7 deletions
--- a/package.json
+++ b/package.json
@ -59,7 +59,7 @@
 		"ignore-walk": "8.0.0",
 		"js-yaml": "4.1.1",
 		"postcss": "8.5.6",
-		"tar": "7.5.6",
+		"tar": "7.5.7",
 		"terser": "5.46.0"
 	},
 	"devDependencies": {
--- a/pnpm-lock.yaml
+++ b/pnpm-lock.yaml
@ -32,8 +32,8 @@ importers:
        specifier: 8.5.6
        version: 8.5.6
      tar:
-        specifier: 7.5.6
-        version: 7.5.6
+        specifier: 7.5.7
+        version: 7.5.7
      terser:
        specifier: 5.46.0
        version: 5.46.0
@ -10178,8 +10178,8 @@ packages:
    engines: {node: '>=10'}
    deprecated: Old versions of tar are not supported, and contain widely publicized security vulnerabilities, which have been fixed in the current version. Please update. Support for old versions may be purchased (at exhorbitant rates) by contacting i@izs.me

-  tar@7.5.6:
-    resolution: {integrity: sha512-xqUeu2JAIJpXyvskvU3uvQW8PAmHrtXp2KDuMJwQqW8Sqq0CaZBAQ+dKS3RBXVhU4wC5NjAdKrmh84241gO9cA==}
+  tar@7.5.7:
+    resolution: {integrity: sha512-fov56fJiRuThVFXD6o6/Q354S7pnWMJIVlDBYijsTNx6jKSE4pvrDTs6lUnmGvNyfJwFQQwWy3owKz1ucIhveQ==}
    engines: {node: '>=18'}

  taskkill@5.0.0:
@ -20125,7 +20125,7 @@ snapshots:
      nopt: 9.0.0
      proc-log: 6.1.0
      semver: 7.7.3
-      tar: 7.5.6
+      tar: 7.5.7
      tinyglobby: 0.2.15
      which: 6.0.0
    transitivePeerDependencies:
@ -21991,7 +21991,7 @@ snapshots:
      yallist: 4.0.0
    optional: true

-  tar@7.5.6:
+  tar@7.5.7:
    dependencies:
      '@isaacs/fs-minipass': 4.0.1
      chownr: 3.0.0