From ae700ef02bc3f66dbf5a1dcfdb49710cce1702c0 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Thu, 29 Jan 2026 05:34:58 +0000
Subject: [PATCH 1/2] fix: workspaces/libnpmhook/package.json to reduce
 vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-TAR-15032660
- https://snyk.io/vuln/SNYK-JS-TAR-15127355
---
 workspaces/libnpmhook/package.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/workspaces/libnpmhook/package.json b/workspaces/libnpmhook/package.json
index 098762c037dfd..06575a06d1812 100644
--- a/workspaces/libnpmhook/package.json
+++ b/workspaces/libnpmhook/package.json
@@ -31,7 +31,7 @@
   "license": "ISC",
   "dependencies": {
     "aproba": "^2.0.0",
-    "npm-registry-fetch": "^17.0.1"
+    "npm-registry-fetch": "^18.0.1"
   },
   "devDependencies": {
     "@npmcli/eslint-config": "^4.0.0",

From e7e34a24761a2c897be7004ec54d7692c7c7499f Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Sat, 31 Jan 2026 03:54:19 +0000
Subject: [PATCH 2/2] fix: workspaces/libnpmhook/package.json to reduce
 vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-TAR-15032660
- https://snyk.io/vuln/SNYK-JS-TAR-15127355