From aa4b1c6c27bde1b9f34e21e0f51dac0dfade553d Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Fri, 2 Jan 2026 05:50:09 +0000
Subject: [PATCH] chore(deps): bump tar-fs from 2.1.0 to 2.1.4

Bumps [tar-fs](https://github.com/mafintosh/tar-fs) from 2.1.0 to 2.1.4.
- [Commits](https://github.com/mafintosh/tar-fs/compare/v2.1.0...v2.1.4)

---
updated-dependencies:
- dependency-name: tar-fs
  dependency-version: 2.1.4
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 package.json |  2 +-
 yarn.lock    | 10 +++++-----
 2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/package.json b/package.json
index 306741f..093717d 100644
--- a/package.json
+++ b/package.json
@@ -10,7 +10,7 @@
     "readline-sync": "^1.4.10",
     "recursive-copy": "^2.0.10",
     "rimraf": "^3.0.2",
-    "tar-fs": "^2.1.0",
+    "tar-fs": "^2.1.4",
     "tar-stream": "^2.1.4",
     "tmp": "^0.2.1"
   },
diff --git a/yarn.lock b/yarn.lock
index 7b913c0..eaeec3a 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -735,16 +735,16 @@ string_decoder@^1.1.1:
   dependencies:
     safe-buffer "~5.2.0"
 
-tar-fs@^2.1.0:
-  version "2.1.0"
-  resolved "https://registry.npmjs.org/tar-fs/-/tar-fs-2.1.0.tgz"
+tar-fs@^2.1.4:
+  version "2.1.4"
+  resolved "https://registry.yarnpkg.com/tar-fs/-/tar-fs-2.1.4.tgz#800824dbf4ef06ded9afea4acafe71c67c76b930"
   dependencies:
     chownr "^1.1.1"
     mkdirp-classic "^0.5.2"
     pump "^3.0.0"
-    tar-stream "^2.0.0"
+    tar-stream "^2.1.4"
 
-tar-stream@^2.0.0, tar-stream@^2.1.4:
+tar-stream@^2.1.4:
   version "2.1.4"
   resolved "https://registry.npmjs.org/tar-stream/-/tar-stream-2.1.4.tgz"
   dependencies: