From 344f003b108b99079cdb896f728f9578b7f6e59d Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Tue, 3 Feb 2026 11:21:28 +0000
Subject: [PATCH] fix: workspaces/libnpmpack/package.json to reduce
 vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-TAR-15127355
---
 workspaces/libnpmpack/package.json | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/workspaces/libnpmpack/package.json b/workspaces/libnpmpack/package.json
index a3074218a9098..1a6b8a758f38c 100644
--- a/workspaces/libnpmpack/package.json
+++ b/workspaces/libnpmpack/package.json
@@ -36,10 +36,10 @@
   "bugs": "https://github.com/npm/libnpmpack/issues",
   "homepage": "https://npmjs.com/package/libnpmpack",
   "dependencies": {
-    "@npmcli/arborist": "^7.1.0",
-    "@npmcli/run-script": "^7.0.1",
+    "@npmcli/arborist": "^9.0.0",
+    "@npmcli/run-script": "^9.0.2",
     "npm-package-arg": "^11.0.0",
-    "pacote": "^17.0.4"
+    "pacote": "^21.0.1"
   },
   "engines": {
     "node": "^16.14.0 || >=18.0.0"