Skip to content

chore(deps): bump tar to ^7.5.8#5703

Open
antonis wants to merge 1 commit intomainfrom
antonis/bump-tar
Open

chore(deps): bump tar to ^7.5.8#5703
antonis wants to merge 1 commit intomainfrom
antonis/bump-tar

Conversation

@antonis
Copy link
Contributor

@antonis antonis commented Feb 24, 2026

Summary

  • Updates existing tar resolution from ^7.5.7 to ^7.5.8, resolves to 7.5.9
  • Fixes arbitrary file read/write via hardlink target escape through symlink chain in node-tar extraction (affected range: < 7.5.8)

Dependabot alerts

Test plan

  • yarn install resolves tar to 7.5.9
  • yarn build passes
  • yarn test passes

🤖 Generated with Claude Code

@antonis @claude
chore(deps): bump tar to ^7.5.8
57a5f0a 
Updates existing tar resolution from ^7.5.7 to ^7.5.8, patching
arbitrary file read/write via hardlink target escape through symlink
chain during extraction (affected range: < 7.5.8, resolves to 7.5.9).

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@antonis antonis added the ready-to-merge Triggers the full CI test suite label Feb 24, 2026
@github-actions
Copy link
Contributor

github-actions bot commented Feb 24, 2026
edited
Loading

Semver Impact of This PR

None (no version bump detected)

📋 Changelog Preview

This is how your changes will appear in the changelog.
Entries from this PR are highlighted with a left border (blockquote style).

  • chore(deps): bump tar to ^7.5.8 by antonis in #5703
  • chore(deps): bump getsentry/craft from 2.21.4 to 2.21.7 by dependabot in #5694
  • chore(deps): bump getsentry/craft/.github/workflows/changelog-preview.yml from 2.21.4 to 2.21.7 by dependabot in #5695
  • chore(deps): update CLI to v3.2.2 by github-actions in #5692
  • chore(deps): bump github/codeql-action from 4.32.3 to 4.32.4 by dependabot in #5693
  • chore(deps): update Maestro to v2.2.0 by github-actions in #5691
  • chore(deps): update Cocoa SDK to v9.5.0 by github-actions in #5685
  • chore(deps): update Android SDK Stubs to v8.33.0 by github-actions in #5697
  • chore(deps): update Android SDK to v8.33.0 by github-actions in #5684
  • chore(deps): update Sentry Android Gradle Plugin to v6.1.0 by github-actions in #5687
  • Ref(CI): Add android sdk version check by lucas-zimerman in #5686

🤖 This preview updates automatically when you update the PR.

@github-actions
Copy link
Contributor

github-actions bot commented Feb 24, 2026
edited
Loading

iOS (legacy) Performance metrics 🚀

  Plain With Sentry Diff
Startup time 1209.18 ms 1212.90 ms 3.71 ms
Size 3.38 MiB 4.78 MiB 1.40 MiB

Baseline results on branch: main

Startup times

Revision Plain With Sentry Diff
90e7cb3+dirty 1206.61 ms 1209.46 ms 2.84 ms
60cd796+dirty 1204.87 ms 1202.71 ms -2.17 ms
8e653ac+dirty 1218.63 ms 1223.88 ms 5.24 ms
f70acbf+dirty 1235.71 ms 1243.14 ms 7.43 ms
ad27f6e+dirty 1223.41 ms 1246.29 ms 22.88 ms
6c11c6a+dirty 1202.43 ms 1212.70 ms 10.27 ms
664c66f+dirty 1215.37 ms 1221.30 ms 5.92 ms
d916aa3+dirty 1221.02 ms 1228.98 ms 7.96 ms
36841a6+dirty 1221.32 ms 1222.17 ms 0.85 ms
bca62c0+dirty 1183.61 ms 1183.76 ms 0.14 ms

App size

Revision Plain With Sentry Diff
90e7cb3+dirty 3.41 MiB 4.58 MiB 1.17 MiB
60cd796+dirty 3.44 MiB 4.67 MiB 1.23 MiB
8e653ac+dirty 2.63 MiB 4.01 MiB 1.38 MiB
f70acbf+dirty 2.63 MiB 3.98 MiB 1.34 MiB
ad27f6e+dirty 3.41 MiB 4.67 MiB 1.25 MiB
6c11c6a+dirty 3.44 MiB 4.60 MiB 1.16 MiB
664c66f+dirty 3.38 MiB 4.60 MiB 1.22 MiB
d916aa3+dirty 2.63 MiB 3.81 MiB 1.18 MiB
36841a6+dirty 3.41 MiB 4.67 MiB 1.25 MiB
bca62c0+dirty 3.38 MiB 4.60 MiB 1.22 MiB

@antonis antonis mentioned this pull request Feb 24, 2026
Open
@github-actions
Copy link
Contributor

github-actions bot commented Feb 24, 2026
edited
Loading

Android (legacy) Performance metrics 🚀

  Plain With Sentry Diff
Startup time 420.07 ms 476.02 ms 55.96 ms
Size 43.75 MiB 48.46 MiB 4.71 MiB

Baseline results on branch: main

Startup times

Revision Plain With Sentry Diff
df1f7df+dirty 442.64 ms 427.16 ms -15.48 ms
a483f9f+dirty 396.82 ms 453.28 ms 56.46 ms
a0b15d6 423.06 ms 437.77 ms 14.71 ms
7091004+dirty 416.11 ms 423.90 ms 7.79 ms
5526494 440.84 ms 448.36 ms 7.52 ms
8a4ce6f 422.88 ms 408.33 ms -14.55 ms
526494a+dirty 422.80 ms 438.90 ms 16.10 ms
60cd796+dirty 445.84 ms 492.45 ms 46.61 ms
3bd3f0d+dirty 447.21 ms 472.31 ms 25.10 ms
769e11c+dirty 409.15 ms 446.06 ms 36.91 ms

App size

Revision Plain With Sentry Diff
df1f7df+dirty 43.75 MiB 48.08 MiB 4.33 MiB
a483f9f+dirty 43.75 MiB 48.41 MiB 4.66 MiB
a0b15d6 17.75 MiB 20.15 MiB 2.41 MiB
7091004+dirty 43.75 MiB 47.99 MiB 4.23 MiB
5526494 17.75 MiB 19.68 MiB 1.93 MiB
8a4ce6f 17.75 MiB 19.68 MiB 1.94 MiB
526494a+dirty 43.75 MiB 47.99 MiB 4.24 MiB
60cd796+dirty 43.75 MiB 48.07 MiB 4.32 MiB
3bd3f0d+dirty 17.75 MiB 19.70 MiB 1.95 MiB
769e11c+dirty 43.75 MiB 48.41 MiB 4.66 MiB

@antonis antonis marked this pull request as ready for review February 24, 2026 12:15
@github-actions
Copy link
Contributor

github-actions bot commented Feb 24, 2026

iOS (new) Performance metrics 🚀

  Plain With Sentry Diff
Startup time 1219.28 ms 1224.18 ms 4.91 ms
Size 3.38 MiB 4.78 MiB 1.40 MiB

Baseline results on branch: main

Startup times

Revision Plain With Sentry Diff
90e7cb3+dirty 1212.61 ms 1213.80 ms 1.19 ms
60cd796+dirty 1206.08 ms 1213.36 ms 7.28 ms
8e653ac+dirty 1215.46 ms 1220.20 ms 4.75 ms
f70acbf+dirty 1239.00 ms 1242.53 ms 3.53 ms
ad27f6e+dirty 1214.28 ms 1203.67 ms -10.62 ms
6c11c6a+dirty 1217.55 ms 1221.49 ms 3.94 ms
664c66f+dirty 1195.94 ms 1194.80 ms -1.14 ms
d916aa3+dirty 1211.02 ms 1221.33 ms 10.31 ms
36841a6+dirty 1215.87 ms 1217.27 ms 1.40 ms
bca62c0+dirty 1219.65 ms 1226.14 ms 6.50 ms

App size

Revision Plain With Sentry Diff
90e7cb3+dirty 3.41 MiB 4.58 MiB 1.17 MiB
60cd796+dirty 3.44 MiB 4.67 MiB 1.23 MiB
8e653ac+dirty 3.19 MiB 4.58 MiB 1.39 MiB
f70acbf+dirty 3.19 MiB 4.54 MiB 1.36 MiB
ad27f6e+dirty 3.41 MiB 4.67 MiB 1.25 MiB
6c11c6a+dirty 3.44 MiB 4.60 MiB 1.16 MiB
664c66f+dirty 3.38 MiB 4.60 MiB 1.22 MiB
d916aa3+dirty 3.19 MiB 4.38 MiB 1.19 MiB
36841a6+dirty 3.41 MiB 4.67 MiB 1.25 MiB
bca62c0+dirty 3.38 MiB 4.60 MiB 1.22 MiB

@github-actions
Copy link
Contributor

github-actions bot commented Feb 24, 2026

Android (new) Performance metrics 🚀

  Plain With Sentry Diff
Startup time 472.00 ms 526.54 ms 54.54 ms
Size 43.94 MiB 49.33 MiB 5.39 MiB

Baseline results on branch: main

Startup times

Revision Plain With Sentry Diff
df1f7df+dirty 374.68 ms 384.96 ms 10.28 ms
a483f9f+dirty 428.57 ms 475.98 ms 47.41 ms
7091004+dirty 377.76 ms 402.11 ms 24.35 ms
5526494+dirty 380.79 ms 432.70 ms 51.91 ms
98f632c+dirty 323.98 ms 375.39 ms 51.41 ms
5c16cdc+dirty 375.45 ms 426.62 ms 51.17 ms
8ece263+dirty 369.44 ms 414.65 ms 45.21 ms
a2bb688+dirty 371.19 ms 389.18 ms 17.99 ms
526494a+dirty 361.10 ms 410.84 ms 49.74 ms
60cd796+dirty 410.56 ms 439.00 ms 28.44 ms

App size

Revision Plain With Sentry Diff
df1f7df+dirty 43.94 MiB 48.91 MiB 4.97 MiB
a483f9f+dirty 43.94 MiB 49.27 MiB 5.33 MiB
7091004+dirty 43.94 MiB 48.81 MiB 4.88 MiB
5526494+dirty 7.15 MiB 8.41 MiB 1.26 MiB
98f632c+dirty 7.15 MiB 8.42 MiB 1.27 MiB
5c16cdc+dirty 7.15 MiB 8.41 MiB 1.26 MiB
8ece263+dirty 7.15 MiB 8.41 MiB 1.26 MiB
a2bb688+dirty 7.15 MiB 8.43 MiB 1.28 MiB
526494a+dirty 43.94 MiB 48.82 MiB 4.88 MiB
60cd796+dirty 43.94 MiB 48.90 MiB 4.96 MiB

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@alwx alwx Awaiting requested review from alwx alwx is a code owner

@lucas-zimerman lucas-zimerman Awaiting requested review from lucas-zimerman lucas-zimerman is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

ready-to-merge Triggers the full CI test suite

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@antonis