Skip to content

chore: bump tar from 7.5.13 to 7.5.19#818

Closed
dependabot[bot] wants to merge 1 commit into
developfrom
dependabot/npm_and_yarn/tar-7.5.16
Closed

chore: bump tar from 7.5.13 to 7.5.19#818
dependabot[bot] wants to merge 1 commit into
developfrom
dependabot/npm_and_yarn/tar-7.5.16

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 15, 2026

Copy link
Copy Markdown
Contributor

Bumps tar from 7.5.13 to 7.5.19.

Commits

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jun 15, 2026
@dependabot dependabot Bot requested review from Ckoelewyn and tom0827 as code owners June 15, 2026 20:55
@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label Jun 15, 2026
@dependabot dependabot Bot added the javascript Pull requests that update javascript code label Jun 15, 2026
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/tar-7.5.16 branch from ea5b2ce to a5decec Compare June 19, 2026 17:44
@dependabot dependabot Bot changed the title chore: bump tar from 7.5.13 to 7.5.16 chore: bump tar from 7.5.13 to 7.5.19 Jun 29, 2026
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/tar-7.5.16 branch 6 times, most recently from 77483aa to 6865295 Compare July 1, 2026 00:01
Bumps [tar](https://github.com/isaacs/node-tar) from 7.5.13 to 7.5.19.
- [Release notes](https://github.com/isaacs/node-tar/releases)
- [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md)
- [Commits](isaacs/node-tar@v7.5.13...v7.5.19)

---
updated-dependencies:
- dependency-name: tar
  dependency-version: 7.5.16
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/tar-7.5.16 branch from 6865295 to dab96cb Compare July 2, 2026 17:07
danieltruong added a commit that referenced this pull request Jul 2, 2026
Bumps actions/checkout to v7.0.0, github/codeql-action to v4.36.3,
js-yaml to v4.3.0, and tar to v7.5.19 to address security vulnerabilities
and close Dependabot pull requests #817, #818, #819, #820, and #821.
@dependabot @github

dependabot Bot commented on behalf of github Jul 2, 2026

Copy link
Copy Markdown
Contributor Author

Looks like tar is up-to-date now, so this is no longer needed.

@dependabot dependabot Bot closed this Jul 2, 2026
@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/tar-7.5.16 branch July 2, 2026 17:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants