[BUG] Snyk scanning fails for all versions of npm

### Is there an existing issue for this?

- [x] I have searched the existing issues

### This issue exists in the latest npm version

- [x] I am using the latest npm

### Current Behavior

Snyk published a [high-severity issue in all versions of tar 7.5.7](https://security.snyk.io/vuln/SNYK-JS-TAR-15307072) and lower.  The latest npm (v11.10.0) has package-lock set at version 7.5.7 for the `tar` dependency.  Since my company blocks deploy with failing Snyk scans, now I can't deploy anything that has npm on it.

### Expected Behavior

Update to tar 7.5.8 (or above) so my Snyk check passes.

### Steps To Reproduce

_No response_

### Environment

npm: v11.10.0


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[BUG] Snyk scanning fails for all versions of npm #8992

Is there an existing issue for this?

This issue exists in the latest npm version

Current Behavior

Expected Behavior

Steps To Reproduce

Environment

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

[BUG] Snyk scanning fails for all versions of npm #8992

Description

Is there an existing issue for this?

This issue exists in the latest npm version

Current Behavior

Expected Behavior

Steps To Reproduce

Environment

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions