From 6c0477aacbacfe9cedbdece8d04191e5474aa84a Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Sun, 13 Jul 2025 08:57:33 +0000
Subject: [PATCH] fix: deps/npm/package.json to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-SEMVER-3247795
- https://snyk.io/vuln/SNYK-JS-TAR-6476909
- https://snyk.io/vuln/SNYK-JS-NPMREGISTRYFETCH-575432
---
 deps/npm/package.json | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/deps/npm/package.json b/deps/npm/package.json
index 80143f7c53cb65..ca391eecc62abe 100644
--- a/deps/npm/package.json
+++ b/deps/npm/package.json
@@ -72,8 +72,8 @@
     "is-cidr": "^3.0.0",
     "json-parse-better-errors": "^1.0.2",
     "lazy-property": "~1.0.0",
-    "libcipm": "^3.0.3",
-    "libnpm": "^2.0.1",
+    "libcipm": "^4.0.8",
+    "libnpm": "^3.0.1",
     "libnpmhook": "^5.0.2",
     "libnpx": "^10.2.0",
     "lock-verify": "^2.1.0",
@@ -88,13 +88,13 @@
     "mississippi": "^3.0.0",
     "mkdirp": "~0.5.1",
     "move-concurrently": "^1.0.1",
-    "node-gyp": "^3.8.0",
+    "node-gyp": "^5.0.6",
     "nopt": "~4.0.1",
     "normalize-package-data": "^2.5.0",
     "npm-audit-report": "^1.3.2",
     "npm-cache-filename": "~1.0.2",
     "npm-install-checks": "~3.0.0",
-    "npm-lifecycle": "^2.1.0",
+    "npm-lifecycle": "^3.1.5",
     "npm-package-arg": "^6.1.0",
     "npm-packlist": "^1.4.4",
     "npm-pick-manifest": "^2.2.3",
@@ -104,7 +104,7 @@
     "once": "~1.4.0",
     "opener": "^1.5.1",
     "osenv": "^0.1.5",
-    "pacote": "^9.5.1",
+    "pacote": "^10.3.1",
     "path-is-inside": "~1.0.2",
     "promise-inflight": "~1.0.1",
     "qrcode-terminal": "^0.12.0",