fix: bump tar override to 7.5.12 #55

Merged
jobenjada merged 1 commit into main from codex/fix-tar-override
Mar 20, 2026
@mattinannt
Member

Summary

  • bump the root pnpm tar override from 7.5.7 to 7.5.12
  • regenerate pnpm lockfile so Expo CLI resolves to tar@7.5.12
  • keep direct dependencies unchanged because expo@54.0.33 already allows a patched tar via @expo/cli (^7.5.2)

Verification

  • pnpm install
  • confirmed dependency path: apps/playground -> expo@54.0.33 -> @expo/cli@54.0.23 -> tar@7.5.12
  • confirmed pnpm audit reports 0 tar advisories

Notes

  • react-native 0.84.1 is available, but it is unrelated to the tar issue
  • expo 54.0.33 is already the newest 54.x release; moving to Expo 55 would be a separate major upgrade

coderabbitai bot commented Mar 20, 2026

Walkthrough

The package.json file was modified to update the version constraint for the tar package in the pnpm.overrides configuration. The override version was incremented from 7.5.7 to 7.5.12, which affects how the package manager resolves the tar dependency during installation. This change involved a single line modification with no other configuration, script, or dependency changes applied.

🚥 Pre-merge checks | ✅ 3
✅ Passed checks (3 passed)

| Check name | Status | Explanation |
|---|---|---|
| Title check | ✅ Passed | The title 'fix: bump tar override to 7.5.12' directly describes the main change in the changeset: updating the tar package override version. |
| Description check | ✅ Passed | The description is directly related to the changeset, providing clear context about the tar override bump, verification steps, and relevant notes about dependencies. |
| Docstring Coverage | ✅ Passed | No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check. |


@coderabbitai coderabbitai bot left a comment

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@package.json`:
- Line 29: The tar override in pnpm.overrides currently pins "tar" to an exact
version "7.5.12" while other overrides (on-headers, glob, node-forge, js-yaml)
use minimum constraints; update the override for the symbol "tar" in
package.json under pnpm.overrides to use a minimum version constraint (change to
">=7.5.12") so it matches the existing pattern and allows future patch updates.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: 6519d2f4-5ac8-4913-adf6-9e5fe0a056e9

📥 Commits

Reviewing files that changed from the base of the PR and between 7d82d98 and a507c14.

⛔ Files ignored due to path filters (1)
  • pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml
📒 Files selected for processing (1)
  • package.json

@jobenjada jobenjada enabled auto-merge March 20, 2026 13:42
@jobenjada jobenjada added this pull request to the merge queue Mar 20, 2026
Merged via the queue into main with commit bfce8a0 Mar 20, 2026
9 checks passed
@jobenjada jobenjada deleted the codex/fix-tar-override branch March 20, 2026 13:57
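
A lockfile floor check matching the verification step and the pin-versus-range review comment above, as an added example that is not part of this PR or the project's code: it flags any resolved tar below 7.5.12 and passes equally for a later version that a `>=7.5.12` override would admit. The lockfile excerpts, the key layout and the function names are assumptions made for illustration.

```javascript
'use strict';
// Added example: check that a pnpm lockfile resolves a package at or above a floor.

// Parse "7.5.12" into [7, 5, 12]; prerelease and build suffixes are ignored.
function parseVersion(v) {
  const m = /^(\d+)\.(\d+)\.(\d+)/.exec(v);
  if (!m) throw new Error(`not a version: ${v}`);
  return m.slice(1).map(Number);
}

// Numeric comparison, so 7.5.12 sorts after 7.5.7 (a string compare gets this wrong).
function compareVersions(a, b) {
  const pa = parseVersion(a), pb = parseVersion(b);
  for (let i = 0; i < 3; i++) {
    if (pa[i] !== pb[i]) return pa[i] < pb[i] ? -1 : 1;
  }
  return 0;
}

// Every distinct resolved version of `name`, read from indented "name@x.y.z" keys.
// Assumption: keys look like "tar@7.5.12:" or "/tar@7.5.12:", optionally quoted.
function resolvedVersions(lockText, name) {
  const esc = name.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
  const re = new RegExp(`^[ \\t]+['"]?/?${esc}@(\\d+\\.\\d+\\.\\d+)`, 'gm');
  const found = new Set();
  for (const m of lockText.matchAll(re)) found.add(m[1]);
  return [...found].sort(compareVersions);
}

// Versions still below the patched floor; an empty array means the bump took effect.
function belowFloor(lockText, name, floor) {
  return resolvedVersions(lockText, name).filter((v) => compareVersions(v, floor) < 0);
}

// Constructed lockfile excerpts (not taken from this repository).
const LOCK_PATCHED = `packages:
  '@constructed/tar@1.0.0': {}
  tar@7.5.12: {}
snapshots:
  tar@7.5.12: {}
`;
const LOCK_STALE = `packages:
  tar@7.5.7: {}
  tar@7.5.12: {}
`;

console.log(belowFloor(LOCK_PATCHED, 'tar', '7.5.12')); // []
console.log(belowFloor(LOCK_STALE, 'tar', '7.5.12'));   // [ '7.5.7' ]
```

Run against the real `pnpm-lock.yaml` text in CI, a non-empty result means some dependency path still resolves an unpatched copy despite the override.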