installing datum-sdk give me a warining about tar.gz being deprecated and vulnerable

[abumalick]

When installing last version of datim-sdk with yarn, I get the following line:

warning datum-sdk > web3 > web3-bzz > swarm-js > [email protected]: ⚠️  WARNING ⚠️ tar.gz module has been deprecated and your application is vulnerable. Please use tar module instead: https://npmjs.com/tar

is it really vulnerable because of this package ?

[rhaenni]

tar.gz is a dependency of web3 js, however we are not using the part of web3 that uses the deprecated tar.gz version so it's not an issue