From afdc60f27ffbc8e8646bb792e90e5102e5d10e94 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Wed, 18 Feb 2026 04:42:30 +0000
Subject: [PATCH] Bump tar from 7.5.4 to 7.5.8 in /context-js

Bumps [tar](https://github.com/isaacs/node-tar) from 7.5.4 to 7.5.8.
- [Release notes](https://github.com/isaacs/node-tar/releases)
- [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md)
- [Commits](https://github.com/isaacs/node-tar/compare/v7.5.4...v7.5.8)

---
updated-dependencies:
- dependency-name: tar
  dependency-version: 7.5.8
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 context-js/package.json   |  2 +-
 context-js/pnpm-lock.yaml | 13 +++++++------
 2 files changed, 8 insertions(+), 7 deletions(-)

diff --git a/context-js/package.json b/context-js/package.json
index c88e3d60..7edfee31 100644
--- a/context-js/package.json
+++ b/context-js/package.json
@@ -19,7 +19,7 @@
     "@vitest/eslint-plugin": "^1.6.6",
     "dayjs": "^1.11.13",
     "eslint": "^9.39.2",
-    "tar": "^7.5.4",
+    "tar": "^7.5.8",
     "text": "^0.1.0",
     "tinyrainbow": "^3.0.3",
     "typescript": "^5.9.3",
diff --git a/context-js/pnpm-lock.yaml b/context-js/pnpm-lock.yaml
index 6e8d93b2..550df3b2 100644
--- a/context-js/pnpm-lock.yaml
+++ b/context-js/pnpm-lock.yaml
@@ -48,8 +48,8 @@ importers:
         specifier: ^9.39.2
         version: 9.39.2
       tar:
-        specifier: ^7.5.4
-        version: 7.5.4
+        specifier: ^7.5.8
+        version: 7.5.8
       text:
         specifier: ^0.1.0
         version: 0.1.0
@@ -903,6 +903,7 @@ packages:
 
   glob@10.5.0:
     resolution: {integrity: sha512-DfXN8DfhJ7NH3Oe7cFmu3NCu1wKbkReJ8TorzSAFbSKrlNaQSKfIzqYqVY8zlbs2NLBbWpRiU52GX2PbaBVNkg==}
+    deprecated: Old versions of glob are not supported, and contain widely publicized security vulnerabilities, which have been fixed in the current version. Please update. Support for old versions may be purchased (at exorbitant rates) by contacting i@izs.me
     hasBin: true
 
   globals@14.0.0:
@@ -1215,10 +1216,10 @@ packages:
   tar@6.2.1:
     resolution: {integrity: sha512-DZ4yORTwrbTj/7MZYq2w+/ZFdI6OZ/f9SFHR+71gIVUZhOQPHzVCLpvRnPgyaMpfWxxk/4ONva3GQSyNIKRv6A==}
     engines: {node: '>=10'}
-    deprecated: Old versions of tar are not supported, and contain widely publicized security vulnerabilities, which have been fixed in the current version. Please update. Support for old versions may be purchased (at exhorbitant rates) by contacting i@izs.me
+    deprecated: Old versions of tar are not supported, and contain widely publicized security vulnerabilities, which have been fixed in the current version. Please update. Support for old versions may be purchased (at exorbitant rates) by contacting i@izs.me
 
-  tar@7.5.4:
-    resolution: {integrity: sha512-AN04xbWGrSTDmVwlI4/GTlIIwMFk/XEv7uL8aa57zuvRy6s4hdBed+lVq2fAZ89XDa7Us3ANXcE3Tvqvja1kTA==}
+  tar@7.5.8:
+    resolution: {integrity: sha512-SYkBtK99u0yXa+IWL0JRzzcl7RxNpvX/U08Z+8DKnysfno7M+uExnTZH8K+VGgShf2qFPKtbNr9QBl8n7WBP6Q==}
     engines: {node: '>=18'}
 
   text@0.1.0:
@@ -2431,7 +2432,7 @@ snapshots:
       mkdirp: 1.0.4
       yallist: 4.0.0
 
-  tar@7.5.4:
+  tar@7.5.8:
     dependencies:
       '@isaacs/fs-minipass': 4.0.1
       chownr: 3.0.0