From a0ac81e21cb29be129010978746a0a52999494c5 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Sat, 24 Jan 2026 05:51:26 +0000
Subject: [PATCH] fix: workspaces/libnpmdiff/package.json to reduce
 vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-TAR-15038581
- https://snyk.io/vuln/SNYK-JS-DIFF-14917201
---
 workspaces/libnpmdiff/package.json | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/workspaces/libnpmdiff/package.json b/workspaces/libnpmdiff/package.json
index 129d9b90cd7fe..853ea35679eca 100644
--- a/workspaces/libnpmdiff/package.json
+++ b/workspaces/libnpmdiff/package.json
@@ -53,10 +53,10 @@
     "@npmcli/disparity-colors": "^1.0.1",
     "@npmcli/installed-package-contents": "^1.0.7",
     "binary-extensions": "^2.2.0",
-    "diff": "^5.0.0",
+    "diff": "^8.0.3",
     "minimatch": "^3.0.4",
     "npm-package-arg": "^8.1.4",
-    "pacote": "^12.0.0",
-    "tar": "^6.1.0"
+    "pacote": "^21.0.1",
+    "tar": "^7.5.4"
   }
 }