From 6562fd1d0e82c0c94b9a8372bf04364e001ca0b6 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Sat, 24 Jan 2026 22:50:30 +0000
Subject: [PATCH] fix: dev/diff/package.json to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-TAR-15038581
- https://snyk.io/vuln/SNYK-JS-GLOB-14040952
- https://snyk.io/vuln/SNYK-JS-CROSSSPAWN-8303230
- https://snyk.io/vuln/SNYK-JS-LODASHES-15053836
- https://snyk.io/vuln/SNYK-JS-BRACEEXPANSION-9789073
---
 dev/diff/package.json | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/dev/diff/package.json b/dev/diff/package.json
index a5a7beb0df..00e4dd930a 100644
--- a/dev/diff/package.json
+++ b/dev/diff/package.json
@@ -10,10 +10,10 @@
     "got": "^13.0.0",
     "keypress": "^0.2.1",
     "listr2": "^6.6.1",
-    "lodash-es": "^4.17.21",
+    "lodash-es": "^4.17.23",
     "luxon": "^3.6.1",
     "pretty-bytes": "^6.1.1",
-    "tar": "^7.4.3",
+    "tar": "^7.5.4",
     "yargs": "^17.7.2"
   },
   "engines": {