Skip to content

Bump tar and supabase#28

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/multi-2b858085f3
Closed

Bump tar and supabase#28
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/multi-2b858085f3

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Mar 6, 2026

Copy link
Copy Markdown
Contributor

Bumps tar to 7.5.10 and updates ancestor dependency supabase. These dependencies need to be updated together.

Updates tar from 7.5.3 to 7.5.10

Commits
  • 2b72abc 7.5.10
  • 7bc755d parse root off paths before sanitizing .. parts
  • c8cb846 update deps
  • 1f0c2c9 7.5.9
  • fbb0851 build minified version as default export
  • 6b8eba0 7.5.8
  • 2cb1120 fix(unpack): improve UnpackSync symlink error "into" path accuracy
  • d18e4e1 fix: do not write linkpaths through symlinks
  • 4a37eb9 7.5.7
  • f4a7aa9 fix: properly sanitize hard links containing ..
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by isaacs, a new releaser for tar since your current version.

Install script changes

This version adds prepare script that runs during installation. Review the package contents before updating.


Updates supabase from 2.72.8 to 2.76.17

Release notes

Sourced from supabase's releases.

v2.76.17

Changelog

Bug fixes

  • e575ff04d08742e5c60efab837873641793274ca: fix(docker): bump the docker-minor group in /pkg/config/templates with 4 updates (#4926) (@​dependabot[bot])
  • 67510a2edf2276a41ea0bec4bba835b0a177157c: fix(function): support multiline import type statements in import scanning (#4872) (@​lightstrike)

Others

  • 3defd608a41611650e2670f6424047178d15bc8d: chore(deps): bump go.opentelemetry.io/otel from 1.40.0 to 1.41.0 in the go-minor group across 1 directory (#4924) (@​dependabot[bot])
  • 4544462f76b5e7eb9c267d328bc9eab6b82f9966: chore(deps): bump tar from 7.5.9 to 7.5.10 in the npm-major group (#4928) (@​dependabot[bot])
  • 9efbdaa9e371c83c1503043ee73a91db2119b50b: chore(deps): bump github.com/slack-go/slack from 0.18.0 to 0.19.0 in the go-minor group across 1 directory (#4931) (@​dependabot[bot])

v2.76.16

Changelog

Bug fixes

  • f750a9b26879881c6fec44b65c43290d4c10e888: fix(docker): bump supabase/postgres from 17.6.1.088 to 17.6.1.089 in /pkg/config/templates (#4900) (@​dependabot[bot])
  • 6258d35f045f48551bfd699b9b324524be4019f5: fix(docker): bump the docker-minor group in /pkg/config/templates with 2 updates (#4899) (@​dependabot[bot])
  • 2d64b8a8bafe06e306962549fb75962bb7e5e95b: fix(docker): bump supabase/postgres from 17.6.1.089 to 17.6.1.090 in /pkg/config/templates (#4905) (@​dependabot[bot])
  • f01a81ca79f0c446a33e8de563fc3d12ca9e64cf: fix(docker): bump the docker-minor group in /pkg/config/templates with 3 updates (#4904) (@​dependabot[bot])
  • 461fdd29f8d87139f24be6ee6f2cf886921a0b15: fix(docker): bump the docker-minor group in /pkg/config/templates with 2 updates (#4909) (@​dependabot[bot])
  • 635a283915ef0e28b777fd740980a1a6baf77738: fix(docker): bump supabase/postgres from 17.6.1.090 to 17.6.1.091 in /pkg/config/templates (#4910) (@​dependabot[bot])
  • 5726ec3448fb5251c741ecab6a0f3081419d6fee: fix(docker): bump supabase/postgres-meta from v0.95.2 to v0.96.0 in /pkg/config/templates in the docker-minor group (#4912) (@​dependabot[bot])
  • 46661e22b78551a7334e535b65015cad26faa364: fix(docker): bump supabase/postgres from 17.6.1.091 to 17.6.1.093 in /pkg/config/templates (#4923) (@​dependabot[bot])
  • d1c9f69b870abc4be96fe4b831868659118ab5fd: fix(docker): bump the docker-minor group in /pkg/config/templates with 4 updates (#4922) (@​dependabot[bot])

Others

  • 11d000f3af87e87e2ba5ddc38e6157b8a370ae7e: chore(deps): bump the go-minor group across 1 directory with 2 updates (#4893) (@​dependabot[bot])
  • eac33cab87d8b590684be286f1159630dc7f034b: chore: sync API types from infrastructure (#4895) (@​supabase-cli-releaser[bot])
  • 7c940eba368d1c0a268adfa6a077938588c73971: chore(deps): bump go.opentelemetry.io/otel/sdk from 1.39.0 to 1.40.0 (#4916) (@​dependabot[bot])
  • 6f9e21dec84753b2309a83262e746f8d45760838: chore(deps): bump github.com/cloudflare/circl from 1.6.1 to 1.6.3 (#4897) (@​dependabot[bot])
  • 9cdc0238a5cfca3c19acc5066b3c17a15a662a49: chore(deps): bump the go-minor group across 2 directories with 3 updates (#4906) (@​dependabot[bot])
  • fa1a7ddc44f8e62ce0778d04d6a60c2272927d21: chore: sync API types from infrastructure (#4918) (@​supabase-cli-releaser[bot])

v2.76.15

Changelog

Bug fixes

  • aee1f7b3d26595fbc882533e6de45c478be923cb: fix(docker): bump supabase/postgres from 17.6.1.087 to 17.6.1.088 in /pkg/config/templates (#4889) (@​dependabot[bot])
  • 1d5b8ed5b1043591e7263b3c8e49535c139e6485: fix(docker): bump the docker-minor group in /pkg/config/templates with 2 updates (#4888) (@​dependabot[bot])
  • 4c759e2d2997e9478b46b7c14f6643beb15d9817: fix(docker): bump the docker-minor group in /pkg/config/templates with 3 updates (#4892) (@​dependabot[bot])

Others

v2.76.14

Changelog

Bug fixes

  • 2f6e0c328ad1782fbc42b799c4afe08a0595289c: fix(updater): network restrictions not enabled (#4887) (@​avallete)

v2.76.13

Changelog

Bug fixes

  • f770c79656da8556f5c159da4b81a2ad4e5533e1: fix(docker): bump supabase/postgres from 17.6.1.084 to 17.6.1.087 in /pkg/config/templates (#4881) (@​dependabot[bot])
  • 562fced0f720933372d8c9073a5990be21e94823: fix(docker): bump the docker-minor group in /pkg/config/templates with 2 updates (#4880) (@​dependabot[bot])
  • 841c9f1e94419360fce91e4fcf259e4c2ba99933: fix(docker): bump supabase/logflare from 1.32.3 to 1.32.5 in /pkg/config/templates in the docker-minor group (#4882) (@​dependabot[bot])

... (truncated)

Commits
  • 67510a2 fix(function): support multiline import type statements in import scanning (#...
  • 9efbdaa chore(deps): bump github.com/slack-go/slack from 0.18.0 to 0.19.0 in the go-m...
  • 4544462 chore(deps): bump tar from 7.5.9 to 7.5.10 in the npm-major group (#4928)
  • e575ff0 fix(docker): bump the docker-minor group in /pkg/config/templates with 4 upda...
  • 3defd60 chore(deps): bump go.opentelemetry.io/otel from 1.40.0 to 1.41.0 in the go-mi...
  • fa1a7dd chore: sync API types from infrastructure (#4918)
  • d1c9f69 fix(docker): bump the docker-minor group in /pkg/config/templates with 4 upda...
  • 46661e2 fix(docker): bump supabase/postgres from 17.6.1.091 to 17.6.1.093 in /pkg/con...
  • 9cdc023 chore(deps): bump the go-minor group across 2 directories with 3 updates (#4906)
  • 6f9e21d chore(deps): bump github.com/cloudflare/circl from 1.6.1 to 1.6.3 (#4897)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump tar and supabase
30adcc4 
Bumps [tar](https://github.com/isaacs/node-tar) to 7.5.10 and updates ancestor dependency [supabase](https://github.com/supabase/cli). These dependencies need to be updated together.


Updates `tar` from 7.5.3 to 7.5.10
- [Release notes](https://github.com/isaacs/node-tar/releases)
- [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md)
- [Commits](isaacs/node-tar@v7.5.3...v7.5.10)

Updates `supabase` from 2.72.8 to 2.76.17
- [Release notes](https://github.com/supabase/cli/releases)
- [Commits](supabase/cli@v2.72.8...v2.76.17)

---
updated-dependencies:
- dependency-name: tar
  dependency-version: 7.5.10
  dependency-type: indirect
- dependency-name: supabase
  dependency-version: 2.76.17
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Mar 6, 2026
@vercel

vercel Bot commented Mar 6, 2026
edited
Loading

Copy link
Copy Markdown
Contributor

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
rolemodel-ai-leads Ready Ready Preview, Comment, Open in v0 Mar 6, 2026 1:49pm

Request Review

@dependabot dependabot Bot mentioned this pull request Mar 6, 2026
Closed
@dependabot @github

dependabot Bot commented on behalf of github Mar 11, 2026

Copy link
Copy Markdown
Contributor Author

Superseded by #29.

@dependabot dependabot Bot closed this Mar 11, 2026
@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/multi-2b858085f3 branch March 11, 2026 21:15
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants