From 5d89114ed4cbc39e296d0a5a43ac0cf069d40a47 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Wed, 28 Jan 2026 11:25:25 +0000
Subject: [PATCH] fix: workspaces/libnpmdiff/package.json to reduce
 vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-TAR-15032660
---
 workspaces/libnpmdiff/package.json | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/workspaces/libnpmdiff/package.json b/workspaces/libnpmdiff/package.json
index f735986ab5cfa..a20492bd647be 100644
--- a/workspaces/libnpmdiff/package.json
+++ b/workspaces/libnpmdiff/package.json
@@ -46,15 +46,15 @@
     "tap": "^16.3.8"
   },
   "dependencies": {
-    "@npmcli/arborist": "^7.1.0",
+    "@npmcli/arborist": "^9.0.0",
     "@npmcli/disparity-colors": "^3.0.0",
     "@npmcli/installed-package-contents": "^2.0.2",
     "binary-extensions": "^2.2.0",
     "diff": "^5.1.0",
     "minimatch": "^9.0.0",
     "npm-package-arg": "^11.0.0",
-    "pacote": "^17.0.4",
-    "tar": "^6.1.13"
+    "pacote": "^21.0.1",
+    "tar": "^7.5.7"
   },
   "templateOSS": {
     "//@npmcli/template-oss": "This file is partially managed by @npmcli/template-oss. Edits may be overwritten.",