From 93e9f853e4f837be8d8c0fe7b7ae1f30355b246e Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 3 Feb 2026 07:32:14 +0000 Subject: [PATCH] fix: deps/npm/node_modules/@npmcli/arborist/package.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-TAR-15127355 --- deps/npm/node_modules/@npmcli/arborist/package.json | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/deps/npm/node_modules/@npmcli/arborist/package.json b/deps/npm/node_modules/@npmcli/arborist/package.json index 7bfb90a079da44..2ab8e46dbcb10c 100644 --- a/deps/npm/node_modules/@npmcli/arborist/package.json +++ b/deps/npm/node_modules/@npmcli/arborist/package.json @@ -6,15 +6,15 @@ "@isaacs/string-locale-compare": "^1.1.0", "@npmcli/installed-package-contents": "^1.0.7", "@npmcli/map-workspaces": "^2.0.3", - "@npmcli/metavuln-calculator": "^3.0.1", + "@npmcli/metavuln-calculator": "^9.0.0", "@npmcli/move-file": "^2.0.0", "@npmcli/name-from-folder": "^1.0.1", "@npmcli/node-gyp": "^2.0.0", "@npmcli/package-json": "^2.0.0", "@npmcli/query": "^1.1.1", - "@npmcli/run-script": "^4.1.3", + "@npmcli/run-script": "^9.0.2", "bin-links": "^3.0.0", - "cacache": "^16.0.6", + "cacache": "^19.0.0", "common-ancestor-path": "^1.0.1", "json-parse-even-better-errors": "^2.3.1", "json-stringify-nice": "^1.1.4", @@ -25,9 +25,9 @@ "npm-install-checks": "^5.0.0", "npm-package-arg": "^9.0.0", "npm-pick-manifest": "^7.0.0", - "npm-registry-fetch": "^13.0.0", + "npm-registry-fetch": "^18.0.1", "npmlog": "^6.0.2", - "pacote": "^13.6.1", + "pacote": "^21.0.1", "parse-conflict-json": "^2.0.1", "proc-log": "^2.0.0", "promise-all-reject-late": "^1.0.0",