From c9da81cf32c8fec29cf67c1424818aa95eea06f3 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Wed, 21 Jan 2026 21:04:14 +0000
Subject: [PATCH 1/2] build(deps-dev): bump tar from 7.5.2 to 7.5.4

Bumps [tar](https://github.com/isaacs/node-tar) from 7.5.2 to 7.5.4.
- [Release notes](https://github.com/isaacs/node-tar/releases)
- [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md)
- [Commits](https://github.com/isaacs/node-tar/compare/v7.5.2...v7.5.4)

---
updated-dependencies:
- dependency-name: tar
  dependency-version: 7.5.4
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 package.json |  2 +-
 yarn.lock    | 17 +++++++++++++++--
 2 files changed, 16 insertions(+), 3 deletions(-)

diff --git a/package.json b/package.json
index bf1a4c795..a6fa80e01 100644
--- a/package.json
+++ b/package.json
@@ -34,7 +34,7 @@
     "proxy-from-env": "^1.1.0",
     "semver": "^7.6.3",
     "supports-color": "^10.0.0",
-    "tar": "^7.4.0",
+    "tar": "^7.5.4",
     "tsx": "^4.16.2",
     "typescript": "^5.7.3",
     "undici": "^6.21.2",
diff --git a/yarn.lock b/yarn.lock
index bb2ba3a30..01b1f3f22 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -1402,7 +1402,7 @@ __metadata:
     proxy-from-env: "npm:^1.1.0"
     semver: "npm:^7.6.3"
     supports-color: "npm:^10.0.0"
-    tar: "npm:^7.4.0"
+    tar: "npm:^7.5.4"
     tsx: "npm:^4.16.2"
     typescript: "npm:^5.7.3"
     undici: "npm:^6.21.2"
@@ -4172,7 +4172,7 @@ __metadata:
   languageName: node
   linkType: hard
 
-"tar@npm:^7.4.0, tar@npm:^7.5.2":
+"tar@npm:^7.5.2":
   version: 7.5.2
   resolution: "tar@npm:7.5.2"
   dependencies:
@@ -4185,6 +4185,19 @@ __metadata:
   languageName: node
   linkType: hard
 
+"tar@npm:^7.5.4":
+  version: 7.5.6
+  resolution: "tar@npm:7.5.6"
+  dependencies:
+    "@isaacs/fs-minipass": "npm:^4.0.0"
+    chownr: "npm:^3.0.0"
+    minipass: "npm:^7.1.2"
+    minizlib: "npm:^3.1.0"
+    yallist: "npm:^5.0.0"
+  checksum: 10c0/08af3807035957650ad5f2a300c49ca4fe0566ac0ea5a23741a5b5103c6da42891a9eeaed39bc1fbcf21c5cac4dc846828a004727fb08b9d946322d3144d1fd2
+  languageName: node
+  linkType: hard
+
 "tinybench@npm:^2.9.0":
   version: 2.9.0
   resolution: "tinybench@npm:2.9.0"

From c7a1234807a9cb4688ecf6e349fc8f152324868a Mon Sep 17 00:00:00 2001
From: Antoine du Hamel <duhamelantoine1995@gmail.com>
Date: Fri, 23 Jan 2026 12:12:33 +0100
Subject: [PATCH 2/2] fixup! build(deps-dev): bump tar from 7.5.2 to 7.5.4

---
 yarn.lock | 15 +--------------
 1 file changed, 1 insertion(+), 14 deletions(-)

diff --git a/yarn.lock b/yarn.lock
index 01b1f3f22..a2f193d1e 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -4172,20 +4172,7 @@ __metadata:
   languageName: node
   linkType: hard
 
-"tar@npm:^7.5.2":
-  version: 7.5.2
-  resolution: "tar@npm:7.5.2"
-  dependencies:
-    "@isaacs/fs-minipass": "npm:^4.0.0"
-    chownr: "npm:^3.0.0"
-    minipass: "npm:^7.1.2"
-    minizlib: "npm:^3.1.0"
-    yallist: "npm:^5.0.0"
-  checksum: 10c0/a7d8b801139b52f93a7e34830db0de54c5aa45487c7cb551f6f3d44a112c67f1cb8ffdae856b05fd4f17b1749911f1c26f1e3a23bbe0279e17fd96077f13f467
-  languageName: node
-  linkType: hard
-
-"tar@npm:^7.5.4":
+"tar@npm:^7.5.2, tar@npm:^7.5.4":
   version: 7.5.6
   resolution: "tar@npm:7.5.6"
   dependencies: