[Dependency] Bump tar, pdfjs-dist and terser-webpack-plugin

[dependabot]

Removes tar. It's no longer used after updating ancestor dependencies tar, pdfjs-dist and terser-webpack-plugin. These dependencies need to be updated together.

Removes tar

Updates pdfjs-dist from 4.3.136 to 4.10.38

Release notes

Sourced from pdfjs-dist's releases.

v4.10.38

This release contains improvements for accessibility, the annotation editor, font conversion, performance, SMasks and the viewer.

Changes since v4.9.155

• Bump the stable version in pdfjs.config by @​timvandermeij in mozilla/pdf.js#19178
• When zooming replace the css-zoomed canvas by the new one only when rendering is finished by @​calixteman in mozilla/pdf.js#19164
• Ensure that a missing/invalid "Content-Range" header is handled in PDFNetworkStream (issue 19075) by @​Snuffleupagus in mozilla/pdf.js#19114
• Do not stringify errors when logging them by @​nicolo-ribaudo in mozilla/pdf.js#19148
• Get the first codepoint instead of the first char when using the toUnicode map by @​calixteman in mozilla/pdf.js#19184
• Support toggling the PDFFindBar options with the Enter key (issue 19175) by @​Snuffleupagus in mozilla/pdf.js#19185
• Update dependencies and translations to the most recent versions by @​timvandermeij in mozilla/pdf.js#19190
• Print more warnings about potential problems in Node.js environments by @​Snuffleupagus in mozilla/pdf.js#19191
• Fix intermittent issues in the issue14307.pdf integration tests by @​timvandermeij in mozilla/pdf.js#19192
• Add a ref test for setting disableFontFace to true by @​calixteman in mozilla/pdf.js#19197
• Take the userUnit into account in the PageViewport class (issue 19176) by @​Snuffleupagus in mozilla/pdf.js#19196
• Improve perfs of the font renderer by @​calixteman in mozilla/pdf.js#19189
• Remove the raw path-strings after creating the actual Path2D glyph-objects by @​Snuffleupagus in mozilla/pdf.js#19200
• Update OpenJPEG to 2.5.3 by @​calixteman in mozilla/pdf.js#19203
• [Editor] Don't commit the current drawing while zooming by @​calixteman in mozilla/pdf.js#19202
• Make sure the canvas is always the first child of its wrapper by @​calixteman in mozilla/pdf.js#19204
• [Editor] When resizing a stamp annotation, the opposite corner must stay fixed by @​calixteman in mozilla/pdf.js#19201
• Simplify logic to insert canvas as first element by @​nicolo-ribaudo in mozilla/pdf.js#19206
• Fix intermittent failures when moving a freetext annotation in integration tests by @​calixteman in mozilla/pdf.js#19198
• Update Puppeteer to version 23.10.2 by @​calixteman in mozilla/pdf.js#19208
• Update Puppeteer to version 23.10.3 by @​calixteman in mozilla/pdf.js#19210
• [Editor] Improve drawing on a touch screen. by @​calixteman in mozilla/pdf.js#19209
• [Editor] Avoid to focus an existing editor when enabling the layer by @​calixteman in mozilla/pdf.js#19215
• Move the pinch stuff in its own file in order to use for editors by @​calixteman in mozilla/pdf.js#19216
• [Editor] Add the ability to resize an editor in using a pinch gesture by @​calixteman in mozilla/pdf.js#19219
• Don't remove trailing regular spaces from the "raw" response headers (issue 19205) by @​Snuffleupagus in mozilla/pdf.js#19214
• [api-minor] Remove deprecated getDocument options (PR 18776 follow-up) by @​Snuffleupagus in mozilla/pdf.js#19224
• Bump library version to 4.10 by @​Snuffleupagus in mozilla/pdf.js#19225
• Disable touch-zooming, in the viewer, if AbortSignal.any is unsupported (PR 19216 follow-up) by @​Snuffleupagus in mozilla/pdf.js#19226
• Add basic support for non-embedded HelveticaLTStd-Bold fonts (issue 19234) by @​Snuffleupagus in mozilla/pdf.js#19236
• Take the absolute value of the font size when the annotation contents is in xhtml (bug 1938087) by @​calixteman in mozilla/pdf.js#19238
• Disable the handle reading ranges with missing/invalid "Content-Range" header unit-test in Google Chrome (PR 19114 follow-up) by @​Snuffleupagus in mozilla/pdf.js#19237
• Fix left offset when scrolling to search result by @​nicolo-ribaudo in mozilla/pdf.js#19232
• Update dependencies and translations to the most recent versions by @​timvandermeij in mozilla/pdf.js#19243
• Add missing startWorkerTask calls in the "SaveDocument" handler by @​Snuffleupagus in mozilla/pdf.js#19246
• Improve the test folder structure by @​timvandermeij in mozilla/pdf.js#19254
• Remove mention of Bower from the README (PR 15390 follow-up) by @​Snuffleupagus in mozilla/pdf.js#19258
• Shorten some if-statements in the src/core/ folder by @​Snuffleupagus in mozilla/pdf.js#19260
• Remove the unused glyphNameMap parameter from Type2Compiled by @​Snuffleupagus in mozilla/pdf.js#19263
• Assert that the fontMatrix is always valid in compileGlyph by @​Snuffleupagus in mozilla/pdf.js#19262
• Reduce duplication when handling "DocException" and "PasswordRequest" messages by @​Snuffleupagus in mozilla/pdf.js#19259
• For images that include SMask/Mask entries, ignore an SMask defined in the current graphics state (bug 986450) by @​Snuffleupagus in mozilla/pdf.js#19269
• Update l10n files by @​Snuffleupagus in mozilla/pdf.js#19271
• Remove the requestRange/requestFull methods from the NetworkManager class by @​Snuffleupagus in mozilla/pdf.js#19273

v4.9.155

... (truncated)

Commits

• f9bea39 Merge pull request #19273 from Snuffleupagus/NetworkManager-request-methods
• 01240fd Remove the requestRange/requestFull methods from the NetworkManager class
• f19b0a1 Merge pull request #19271 from Snuffleupagus/l10n-update
• 93ce29f Update l10n files
• 61c3ed4 Merge pull request #19269 from Snuffleupagus/image-hasMask
• 20d5332 For images that include SMask/Mask entries, ignore an SMask defined in the cu...
• 8a50d2d Merge pull request #19259 from Snuffleupagus/more-wrapReason
• 91d8017 Merge pull request #19262 from Snuffleupagus/CompiledFont-assert-fontMatrix
• 5b94c86 Merge pull request #19263 from Snuffleupagus/Type2Compiled-fix-glyphNameMap
• b4abfec Merge pull request #19260 from Snuffleupagus/src-core-simplify-ifs
• Additional commits viewable in compare view

Updates terser-webpack-plugin from 4.2.3 to 5.3.16

Release notes

Sourced from terser-webpack-plugin's releases.

v5.3.16

5.3.16 (2025-12-11)

Bug Fixes

• handle empty files (#643) (05012e9)

v5.3.15

5.3.15 (2025-12-05)

Bug Fixes

• catch error when loading minimizers (#639) (586af0a)
• respect errors and warnings from minimizer without code (8607f79)

v5.3.14

5.3.14 (2025-03-06)

Bug Fixes

• types (#622) (84bb19b)
• use os.availableParallelism() for parallelism when it is available (#623) (1357994)

v5.3.13

5.3.13 (2025-03-05)

Bug Fixes

• ecma and module types in minimizer options (#620) (5aa43c2)

v5.3.12

5.3.12 (2025-02-27)

Bug Fixes

• allows minimizers to set worker thread support and don't use worker thread for swc and esbuild (#619) (15ddaab)

v5.3.11

5.3.11 (2024-12-13)

Bug Fixes

• avoid the deprecation message (0341ad1)

... (truncated)

Changelog

Sourced from terser-webpack-plugin's changelog.

5.3.16 (2025-12-11)

Bug Fixes

• handle empty files (#643) (05012e9)

5.3.15 (2025-12-05)

Bug Fixes

• catch error when loading minimizers (#639) (586af0a)
• respect errors and warnings from minimizer without code (8607f79)

5.3.14 (2025-03-06)

Bug Fixes

• types (#622) (84bb19b)
• use os.availableParallelism() for parallelism when it is available (#623) (1357994)

5.3.13 (2025-03-05)

Bug Fixes

• ecma and module types in minimizer options (#620) (5aa43c2)

5.3.12 (2025-02-27)

Bug Fixes

• allows minimizers to set worker thread support and don't use worker thread for swc and esbuild (#619) (15ddaab)

5.3.11 (2024-12-13)

Bug Fixes

• avoid the deprecation message (0341ad1)

5.3.10 (2023-12-28)

Bug Fixes

• bump terser to the latest stable version (#587) (f650fa3)

... (truncated)

Commits

• 51ac072 chore(release): 5.3.16
• 05012e9 fix: handle empty files (#643)
• f337cee chore(release): 5.3.15
• 8607f79 fix: respect errors and warnings from minimizer without code
• 30182a3 chore(deps): bump js-yaml (#640)
• db35463 docs: update contributing
• 586af0a fix: catch error when loading minimizers (#639)
• 15ccc60 chore: migrate from contrib (#638)
• 17bb741 chore: update github actions/checkout from v4 to v5 (#637)
• 00c75dc chore: eslint migration (#636)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.