From cda007ff59129b29f71640241a230d3c2e7fbf8d Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Sat, 12 Jul 2025 01:38:37 +0000
Subject: [PATCH] fix: deps/npm/package.json to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-SEMVER-3247795
- https://snyk.io/vuln/SNYK-JS-TAR-6476909
- https://snyk.io/vuln/SNYK-JS-TAR-1579147
- https://snyk.io/vuln/SNYK-JS-TAR-1579152
- https://snyk.io/vuln/SNYK-JS-TAR-1579155
- https://snyk.io/vuln/SNYK-JS-TAR-1536528
- https://snyk.io/vuln/SNYK-JS-TAR-1536531
- https://snyk.io/vuln/SNYK-JS-TAR-1536758
---
 deps/npm/package.json | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/deps/npm/package.json b/deps/npm/package.json
index fb2b04c1b5c60f..110431d5f59268 100644
--- a/deps/npm/package.json
+++ b/deps/npm/package.json
@@ -83,7 +83,7 @@
     "normalize-package-data": "~2.4.0",
     "npm-cache-filename": "~1.0.2",
     "npm-install-checks": "~3.0.0",
-    "npm-lifecycle": "~2.0.0",
+    "npm-lifecycle": "~3.1.5",
     "npm-package-arg": "~6.0.0",
     "npm-packlist": "~1.1.10",
     "npm-profile": "~2.0.5",
@@ -93,7 +93,7 @@
     "once": "~1.4.0",
     "opener": "~1.4.3",
     "osenv": "~0.1.4",
-    "pacote": "^7.0.2",
+    "pacote": "^10.3.1",
     "path-is-inside": "~1.0.2",
     "promise-inflight": "~1.0.1",
     "qrcode-terminal": "~0.11.0",