Bump tar from 2.2.2 to 4.4.18

Bumps tar from 2.2.2 to 4.4.18.

Changelog

Changelog

6.0

Drop support for node 6 and 8

fix symlinks and hardlinks on windows being packed with \-style path targets

5.0

Address unpack race conditions using path reservations

Change large-numbers errors from TypeError to Error

Add TAR_* error codes

Raise TAR_BAD_ARCHIVE warning/error when there are no valid entries found in an archive

do not treat ignored entries as an invalid archive

drop support for node v4

unpack: conditionally use a file mapping to write files on Windows

Set more portable 'mode' value in portable mode

Set portable gzip option in portable mode

4.4

Add 'mtime' option to tar creation to force mtime

unpack: only reuse file fs entries if nlink = 1

unpack: rename before unlinking files on Windows

Fix encoding/decoding of base-256 numbers

Use stat instead of lstat when checking CWD

Always provide a callback to fs.close()

4.3

Add 'transform' unpack option

4.2

Fail when zlib fails

4.1

Add noMtime flag for tar creation

4.0

unpack: raise error if cwd is missing or not a dir

pack: don't drop dots from dotfiles when prefixing

3.1

Support @file.tar as an entry argument to copy entries from one tar

... (truncated)

Commits

3e35515 4.4.18
52b09e3 fix: prevent path escape using drive-relative paths
bb93ba2 fix: reserve paths properly for unicode, windows
2f1bca0 fix: prune dirCache properly for unicode, windows
9bf70a8 4.4.17
6aafff0 fix: skip extract if linkpath is stripped entirely
5c5059a fix: reserve paths case-insensitively
fd6accb 4.4.16
53cea6e tests: run (and pass) on windows
166cfc0 fix: refactoring to pass tests on Windows
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/cxw42/TabFern/network/alerts).

cxw42 / TabFern

Bump tar from 2.2.2 to 4.4.18 #263

Changelog

6.0

5.0

4.4

4.3

4.2

4.1

4.0

3.1