From ac8e7fcda06e17f3dd3e72f997b8bbe36194491c Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Sat, 14 Mar 2026 19:48:53 +0000
Subject: [PATCH] chore(deps): update dependency tar to >=7.5.11 [security]

---
 package.json   | 2 +-
 pnpm-lock.yaml | 8 ++++----
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/package.json b/package.json
index e8b7f57247..fc2f621e50 100644
--- a/package.json
+++ b/package.json
@@ -70,7 +70,7 @@
       "jose": ">=4.15.5",
       "undici@>=5.0.0": "^5.28.5",
       "undici@>=6.0.0": "^6.21.2",
-      "tar": ">=7.5.4",
+      "tar": ">=7.5.11",
       "braces@<3.0.3": ">=3.0.3",
       "dset@<3.1.4": ">=3.1.4",
       "path-to-regexp@>=0.1.7": "^0.1.12",
diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml
index a797580f51..34e92f6e62 100644
--- a/pnpm-lock.yaml
+++ b/pnpm-lock.yaml
@@ -11,7 +11,7 @@ overrides:
   jose: '>=4.15.5'
   undici@>=5.0.0: ^5.28.5
   undici@>=6.0.0: ^6.21.2
-  tar: '>=7.5.4'
+  tar: '>=7.5.11'
   braces@<3.0.3: '>=3.0.3'
   dset@<3.1.4: '>=3.1.4'
   path-to-regexp@>=0.1.7: ^0.1.12
@@ -10814,7 +10814,7 @@ packages:
       minipass-pipeline: 1.2.4
       p-map: 4.0.0
       ssri: 10.0.5
-      tar: 7.5.6
+      tar: 7.5.11
       unique-filename: 3.0.0
     dev: true
 
@@ -22313,8 +22313,8 @@ packages:
       - bare-abort-controller
     dev: true
 
-  /tar@7.5.6:
-    resolution: {integrity: sha512-xqUeu2JAIJpXyvskvU3uvQW8PAmHrtXp2KDuMJwQqW8Sqq0CaZBAQ+dKS3RBXVhU4wC5NjAdKrmh84241gO9cA==}
+  /tar@7.5.11:
+    resolution: {integrity: sha512-ChjMH33/KetonMTAtpYdgUFr0tbz69Fp2v7zWxQfYZX4g5ZN2nOBXm1R2xyA+lMIKrLKIoKAwFj93jE/avX9cQ==}
     engines: {node: '>=18'}
     dependencies:
       '@isaacs/fs-minipass': 4.0.1