From 56eb0761dda8775eccd48030f0162a989de4c33c Mon Sep 17 00:00:00 2001 From: Hugh Hackman Date: Wed, 18 Mar 2026 22:55:50 +0000 Subject: [PATCH 1/2] fix: add npm overrides for tar and undici security advisories Co-Authored-By: Paperclip --- package.json | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/package.json b/package.json index 884dc82..f453698 100644 --- a/package.json +++ b/package.json @@ -26,5 +26,9 @@ }, "devDependencies": { "@kinvolk/headlamp-plugin": "^0.13.0" + }, + "overrides": { + "tar": "^7.5.11", + "undici": "^7.24.3" } } From 37a22321785a6a8081458fab41967189bef651fa Mon Sep 17 00:00:00 2001 From: Hugh Hackman Date: Wed, 18 Mar 2026 23:08:00 +0000 Subject: [PATCH 2/2] fix: regenerate package-lock.json for undici override Co-Authored-By: Paperclip --- package-lock.json | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/package-lock.json b/package-lock.json index d30a2a7..ddb2892 100644 --- a/package-lock.json +++ b/package-lock.json @@ -16171,9 +16171,9 @@ } }, "node_modules/tar": { - "version": "7.5.9", - "resolved": "https://registry.npmjs.org/tar/-/tar-7.5.9.tgz", - "integrity": "sha512-BTLcK0xsDh2+PUe9F6c2TlRp4zOOBMTkoQHQIWSIzI0R7KG46uEwq4OPk2W7bZcprBMsuaeFsqwYr7pjh6CuHg==", + "version": "7.5.11", + "resolved": "https://registry.npmjs.org/tar/-/tar-7.5.11.tgz", + "integrity": "sha512-ChjMH33/KetonMTAtpYdgUFr0tbz69Fp2v7zWxQfYZX4g5ZN2nOBXm1R2xyA+lMIKrLKIoKAwFj93jE/avX9cQ==", "dev": true, "license": "BlueOak-1.0.0", "dependencies": { @@ -16781,9 +16781,9 @@ } }, "node_modules/undici": { - "version": "7.22.0", - "resolved": "https://registry.npmjs.org/undici/-/undici-7.22.0.tgz", - "integrity": "sha512-RqslV2Us5BrllB+JeiZnK4peryVTndy9Dnqq62S3yYRRTj0tFQCwEniUy2167skdGOy3vqRzEvl1Dm4sV2ReDg==", + "version": "7.24.4", + "resolved": "https://registry.npmjs.org/undici/-/undici-7.24.4.tgz", + "integrity": "sha512-BM/JzwwaRXxrLdElV2Uo6cTLEjhSb3WXboncJamZ15NgUURmvlXvxa6xkwIOILIjPNo9i8ku136ZvWV0Uly8+w==", "dev": true, "license": "MIT", "engines": {