Update tar to 7.5.11+ to fix Dependabot alert

tar@6.2.1 was pulled in transitively via npm-check-updates' toolchain (cacache, node-gyp, pacote). Add a pnpm override forcing tar >=7.5.11 to resolve the security advisory. Now resolves to tar@7.5.16. https://claude.ai/code/session_01NPQ9AiNNnapeoTQFAR1ShY
2026-06-14 12:19:52 +00:00
parent 008d92d433
commit 029c65da79
2 changed files with 49 additions and 15 deletions
@@ -10,5 +10,10 @@
  "dependencies": {
    "@tailwindcss/cli": "^4.1.18",
    "flowbite": "^4.0.1"
+  },
+  "pnpm": {
+    "overrides": {
+      "tar": "^7.5.11"
+    }
  }
 }