From f5d86eb84e01c16f7084018c59441bc1d422b93a Mon Sep 17 00:00:00 2001
From: Edgar Muentes
Date: Wed, 4 Nov 2015 15:00:06 -0500
Subject: [PATCH] Update to tar@2.0.0.

From https://nodesecurity.io/advisories/57: The tar module earlier than version 2.0.0 allow for archives to contain symbolic links that will overwrite targets outside the expected path for extraction.
PR-URL: https://github.com/nodejs/node-gyp/pull/797
Reviewed-By: Ben Noordhuis
---
 package.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/package.json b/package.json
index 19f9f3fe77..b787afc60b 100644
--- a/package.json
+++ b/package.json
@@ -34,7 +34,7 @@
 "request": "2",
 "rimraf": "2",
 "semver": "2.x || 3.x || 4 || 5",
- "tar": "^1.0.0",
+ "tar": "^2.0.0",
 "which": "1"
 },
 "engines": {