prebuild-install icon indicating copy to clipboard operation
prebuild-install copied to clipboard
verified publisher icon prebuild

tar-fs 3.0

Open dynst opened this issue 5 months ago • 2 comments

https://bundlephobia.com/package/[email protected]

The new tar-fs 3.0 updated to tar-stream 3.0, which shed its dependency on readable-stream in https://github.com/mafintosh/tar-stream/pull/143

Or maybe just switching to tar is better.

dynst avatar Jul 21 '25 04:07 dynst

Getting out of 2.1.3 is urgent due to CVE-2025-59343 I would recommend to at least patch it to 2.1.4

klippx avatar Sep 30 '25 07:09 klippx

My organization would also benefit from tar-fs dependency being updated "^2.0.0" -> "^3.0.0".

VsKatshuma avatar Nov 12 '25 21:11 VsKatshuma