chore(deps): bump tar and npm-check-updates

[dependabot]

Removes tar. It's no longer used after updating ancestor dependency npm-check-updates. These dependencies need to be updated together.

Removes tar

Updates npm-check-updates from 7.0.2 to 19.3.1

Release notes

Sourced from npm-check-updates's releases.

v19.3.1

What's Changed

• fix(catalog): use the right yarn config name by @​MKruschke in raineorshine/npm-check-updates#1586

Full Changelog: raineorshine/npm-check-updates@v19.3.0...v19.3.1

v19.3.0

What's Changed

• feat: support yarn catalogs by @​MKruschke in raineorshine/npm-check-updates#1582
• Fixed default catalog behavior.
  • See discussion here: raineorshine/npm-check-updates#1582
  • If you think this is wrong, please open an issue.

Full Changelog: raineorshine/npm-check-updates@v19.2.1...v19.3.0

v19.2.1

Full Changelog: raineorshine/npm-check-updates@v19.2.0...v19.2.1

v19.2.0

What's Changed

• Add --format dep
• Add interactive mode keyboard controls to docs by @​jsoref in raineorshine/npm-check-updates#1577
• Spelling by @​jsoref in raineorshine/npm-check-updates#1578

New Contributors

• @​jsoref made their first contribution in raineorshine/npm-check-updates#1577

Full Changelog: raineorshine/npm-check-updates@v19.1.2...v19.2.0

v19.1.2

What's Changed

• fix: support singular 'catalog' field in pnpm-workspace.yaml by @​afonsojramos in raineorshine/npm-check-updates#1572

New Contributors

• @​afonsojramos made their first contribution in raineorshine/npm-check-updates#1572

Full Changelog: raineorshine/npm-check-updates@v19.1.1...v19.1.2

v19.1.1

What's Changed

• fix(cooldown): handle CooldownFunction in config file by @​SebastianSedzik in raineorshine/npm-check-updates#1565

Full Changelog: raineorshine/npm-check-updates@v19.1.0...v19.1.1

v19.1.0

What's Changed

• feat(cooldown): support for cooldown predicate function by @​SebastianSedzik in raineorshine/npm-check-updates#1563

... (truncated)

Changelog

Sourced from npm-check-updates's changelog.

Changelog

This file only documents major version releases. For smaller releases, you're stuck reading the commit history.

[18.0.0] - 2025-04-21

Breaking

The only breaking change in v18 is with the -g/--global flag.

npm-check-updates -g will now auto-detect your package manager based on the execution path. Previously, it defaulted to npm.

• yarn dlx ncu -g --packageManager yarn → yarn dlx ncu -g
• pnpm dlx ncu --global --packageManager pnpm → pnpm dlx ncu -g
• bunx ncu -g--packageManager pnpm → bunx ncu -g

If for some reason you were running ncu -g with an alternative package manager and relying on it checking the global npm packages, you will need to now explicitly specify npm:

• ncu -g → ncu -g--packageManager npm

Thanks to @​LuisFerLCC for the improvement (#1514).

raineorshine/npm-check-updates@v17.1.18...v18.0.0

[17.0.0] - 2024-07-31

Breaking

• Require node >= 18.18.0
• Deprecated versions are no longer excluded by default, as it requires fetching package info for every published version, significantly slowing down upgrades.
  • You can opt in with --no-deprecated in the CLI or deprecated: false in your ncurc config.
• In workspaces mode, --root is now set by default (#1353)
  • To not check the root package.json, use --no-root.
• If you have a packageManager field in your package.json, it is now upgraded by default (#1390)
  • Use --dep prod,dev,optional for the old behavior.

raineorshine/npm-check-updates@v16.14.20...v17.0.0

[16.0.0] - 2022-07-23

Breaking

• Automatic detection of package data on stdin has been removed. This feature was deprecated in v14.0.0. Add --stdin for old behavior.
• Wild card filters now apply to scoped packages. Previously, ncu -f '*vite*' would not include @vitejs/plugin-react. Now, filters will match any part of the package name, including the scope. Use a more specific glob or regex expression for old behavior.

raineorshine/npm-check-updates@v15.3.4...v16.0.0

[15.0.0] - 2022-06-30

Breaking

... (truncated)

Commits

• f2a8022 19.3.1
• 388deaf fix(catalog): use the right yarn config name (#1586)
• 325ac2f 19.3.0
• 99042d1 feat: support yarn catalogs (#1582)
• 97f349c 19.2.1
• 0251206 Do not assume that --deep is disabled when only one package is found. Fixes #...
• b38f34f 19.2.0
• 7a889b4 --format dep
• 8f04424 Spelling (#1578)
• 536efbf Add interactive mode keyboard controls to docs (#1577)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.