From c0fdb25fb47d930de61f7fb97b0cbce7199add83 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Tue, 15 Jul 2025 01:05:26 +0000
Subject: [PATCH] fix: deps/npm/package.json to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-SEMVER-3247795
- https://snyk.io/vuln/SNYK-JS-TAR-6476909
- https://snyk.io/vuln/SNYK-JS-NPMREGISTRYFETCH-575432
---
 deps/npm/package.json | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/deps/npm/package.json b/deps/npm/package.json
index 24827e59cfd9a1..09fd51c4797ba8 100644
--- a/deps/npm/package.json
+++ b/deps/npm/package.json
@@ -72,8 +72,8 @@
     "is-cidr": "^3.0.0",
     "json-parse-better-errors": "^1.0.2",
     "lazy-property": "~1.0.0",
-    "libcipm": "^3.0.3",
-    "libnpm": "^2.0.1",
+    "libcipm": "^4.0.8",
+    "libnpm": "^3.0.1",
     "libnpmhook": "^5.0.2",
     "libnpx": "^10.2.0",
     "lock-verify": "^2.1.0",
@@ -88,13 +88,13 @@
     "mississippi": "^3.0.0",
     "mkdirp": "~0.5.1",
     "move-concurrently": "^1.0.1",
-    "node-gyp": "^3.8.0",
+    "node-gyp": "^5.0.6",
     "nopt": "~4.0.1",
     "normalize-package-data": "^2.5.0",
     "npm-audit-report": "^1.3.2",
     "npm-cache-filename": "~1.0.2",
     "npm-install-checks": "~3.0.0",
-    "npm-lifecycle": "^2.1.0",
+    "npm-lifecycle": "^3.1.5",
     "npm-package-arg": "^6.1.0",
     "npm-packlist": "^1.4.1",
     "npm-pick-manifest": "^2.2.3",
@@ -104,7 +104,7 @@
     "once": "~1.4.0",
     "opener": "^1.5.1",
     "osenv": "^0.1.5",
-    "pacote": "^9.5.0",
+    "pacote": "^10.3.1",
     "path-is-inside": "~1.0.2",
     "promise-inflight": "~1.0.1",
     "qrcode-terminal": "^0.12.0",