From d83f268a74acf5a1ae587562fd4afaad42245507 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Sat, 31 Jan 2026 04:22:56 +0000
Subject: [PATCH] fix: workspaces/libnpmdiff/package.json to reduce
 vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-TAR-15032660
- https://snyk.io/vuln/SNYK-JS-TAR-15127355
---
 workspaces/libnpmdiff/package.json | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/workspaces/libnpmdiff/package.json b/workspaces/libnpmdiff/package.json
index 129d9b90cd7fe..a15f9fb4b38c1 100644
--- a/workspaces/libnpmdiff/package.json
+++ b/workspaces/libnpmdiff/package.json
@@ -56,7 +56,7 @@
     "diff": "^5.0.0",
     "minimatch": "^3.0.4",
     "npm-package-arg": "^8.1.4",
-    "pacote": "^12.0.0",
-    "tar": "^6.1.0"
+    "pacote": "^21.0.1",
+    "tar": "^7.5.7"
   }
 }