From 175b438d5a465b94872ea3151612ebf5753926af Mon Sep 17 00:00:00 2001
From: Arnaud Besnier <arnaudibesnier@gmail.com>
Date: Fri, 22 Nov 2024 10:41:41 +0100
Subject: [PATCH] fix(security): patch tar dependency vulnerabilities (#1214)

---
 package.json |  3 ++-
 yarn.lock    | 14 +-------------
 2 files changed, 3 insertions(+), 14 deletions(-)

diff --git a/package.json b/package.json
index 34a76d38f..f29cf1123 100644
--- a/package.json
+++ b/package.json
@@ -53,6 +53,7 @@
     "!packages/_example/*"
   ],
   "resolutions": {
-    "express": "^4.21.1"
+    "express": "^4.21.1",
+    "tar": "^6.2.1"
   }
 }
diff --git a/yarn.lock b/yarn.lock
index fe344a64c..a3519c2fd 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -14586,19 +14586,7 @@ tar-stream@~2.2.0:
     inherits "^2.0.3"
     readable-stream "^3.1.1"
 
-tar@6.1.11:
-  version "6.1.11"
-  resolved "https://registry.yarnpkg.com/tar/-/tar-6.1.11.tgz#6760a38f003afa1b2ffd0ffe9e9abbd0eab3d621"
-  integrity sha512-an/KZQzQUkZCkuoAA64hM92X0Urb6VpRhAFllDzz44U2mcD5scmT3zBc4VgVpkugF580+DQn8eAFSyoQt0tznA==
-  dependencies:
-    chownr "^2.0.0"
-    fs-minipass "^2.0.0"
-    minipass "^3.0.0"
-    minizlib "^2.1.1"
-    mkdirp "^1.0.3"
-    yallist "^4.0.0"
-
-tar@^6.0.2, tar@^6.1.0, tar@^6.1.11, tar@^6.1.2:
+tar@6.1.11, tar@^6.0.2, tar@^6.1.0, tar@^6.1.11, tar@^6.1.2, tar@^6.2.1:
   version "6.2.1"
   resolved "https://registry.yarnpkg.com/tar/-/tar-6.2.1.tgz#717549c541bc3c2af15751bea94b1dd068d4b03a"
   integrity sha512-DZ4yORTwrbTj/7MZYq2w+/ZFdI6OZ/f9SFHR+71gIVUZhOQPHzVCLpvRnPgyaMpfWxxk/4ONva3GQSyNIKRv6A==