chore(core): Upgrade tar-fs to address CVE-2024-12905 (#15740)

2025-12-16 17:46:45 +00:00 · 2025-05-27 13:03:59 +02:00
parent c4ea7578fe
commit 3c0e13dd6a
2 changed files with 6 additions and 4 deletions
--- a/pnpm-lock.yaml
+++ b/pnpm-lock.yaml
@@ -168,6 +168,7 @@ overrides:
  esbuild: ^0.24.0
  pug: ^3.0.3
  semver: ^7.5.4
+  tar-fs: 2.1.2
  tslib: ^2.6.2
  tsconfig-paths: ^4.2.0
  typescript: ^5.8.2
@@ -13094,8 +13095,8 @@ packages:
    resolution: {integrity: sha512-GNzQvQTOIP6RyTfE2Qxb8ZVlNmw0n88vp1szwWRimP02mnTsx3Wtn5qRdqY9w2XduFNUgvOwhNnQsjwCp+kqaQ==}
    engines: {node: '>=6'}

-  tar-fs@2.1.1:
-    resolution: {integrity: sha512-V0r2Y9scmbDRLCNex/+hYzvp/zyYjvFbHPNgVTKfQvVrb6guiE/fxP+XblDNR011utopbkex2nM4dHNV6GDsng==}
+  tar-fs@2.1.2:
+    resolution: {integrity: sha512-EsaAXwxmx8UB7FRKqeozqEPop69DXcmYwTQwXvyAPF352HJsPdkVhvTaDPYqfNgruveJIJy3TA2l+2zj8LJIJA==}

  tar-stream@2.2.0:
    resolution: {integrity: sha512-ujeqbceABgwMZxEJnk2HDY2DlnUZ+9oEcb1KzTVfYHio0UE6dG71n60d8D2I4qNvleWrrXpmjpt7vZeF1LnMZQ==}
@@ -26195,7 +26196,7 @@ snapshots:
      pump: 3.0.0
      rc: 1.2.8
      simple-get: 4.0.1
-      tar-fs: 2.1.1
+      tar-fs: 2.1.2
      tunnel-agent: 0.6.0

  prelude-ls@1.1.2: {}
@@ -27674,7 +27675,7 @@ snapshots:

  tapable@2.2.1: {}

-  tar-fs@2.1.1:
+  tar-fs@2.1.2:
    dependencies:
      chownr: 1.1.4
      mkdirp-classic: 0.5.3