From 1c68c802bd13e301abc06bebe516cbd744d31271 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Wed, 1 Oct 2025 06:34:03 +0000
Subject: [PATCH] fix: package.json & package-lock.json to reduce
 vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-TARFS-13045213
---
 package-lock.json | 8 ++++----
 package.json      | 2 +-
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index b86f8f7..8bfe0b9 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -13,7 +13,7 @@
         "execa": "^5.1.1",
         "https-proxy-agent": "^7.0.4",
         "node-fetch": "^2.7.0",
-        "tar-fs": "^3.0.9"
+        "tar-fs": "^3.1.1"
       },
       "devDependencies": {
         "@types/debug": "^4.1.12",
@@ -4861,9 +4861,9 @@
       }
     },
     "node_modules/tar-fs": {
-      "version": "3.0.9",
-      "resolved": "https://registry.npmjs.org/tar-fs/-/tar-fs-3.0.9.tgz",
-      "integrity": "sha512-XF4w9Xp+ZQgifKakjZYmFdkLoSWd34VGKcsTCwlNWM7QG3ZbaxnTsaBwnjFZqHRf/rROxaR8rXnbtwdvaDI+lA==",
+      "version": "3.1.1",
+      "resolved": "https://registry.npmjs.org/tar-fs/-/tar-fs-3.1.1.tgz",
+      "integrity": "sha512-LZA0oaPOc2fVo82Txf3gw+AkEd38szODlptMYejQUhndHMLQ9M059uXR+AfS7DNo0NpINvSqDsvyaCrBVkptWg==",
       "license": "MIT",
       "dependencies": {
         "pump": "^3.0.0",
diff --git a/package.json b/package.json
index ed48e1b..81609d6 100644
--- a/package.json
+++ b/package.json
@@ -47,7 +47,7 @@
     "execa": "^5.1.1",
     "https-proxy-agent": "^7.0.4",
     "node-fetch": "^2.7.0",
-    "tar-fs": "^3.0.9"
+    "tar-fs": "^3.1.1"
   },
   "devDependencies": {
     "@types/debug": "^4.1.12",