From 5152d7c7b0a2991f19c363231300d535567ddf86 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Fri, 29 May 2026 21:35:45 +0000
Subject: [PATCH] build(deps): bump tar from 0.4.45 to 0.4.46

Bumps [tar](https://github.com/composefs/tar-rs) from 0.4.45 to 0.4.46.
- [Release notes](https://github.com/composefs/tar-rs/releases)
- [Commits](https://github.com/composefs/tar-rs/compare/0.4.45...0.4.46)

---
updated-dependencies:
- dependency-name: tar
  dependency-version: 0.4.46
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 Cargo.lock         | 4 ++--
 Cargo.toml         | 2 +-
 src/dfx/Cargo.toml | 2 +-
 3 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/Cargo.lock b/Cargo.lock
index b7c8c8dc6b..a71b922552 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -6763,9 +6763,9 @@ checksum = "55937e1799185b12863d447f42597ed69d9928686b8d88a1df17376a097d8369"
 
 [[package]]
 name = "tar"
-version = "0.4.45"
+version = "0.4.46"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "22692a6476a21fa75fdfc11d452fda482af402c008cdbaf3476414e122040973"
+checksum = "3f6221d9a6003c78398e3b239969f352578258df48c8eb051caadae0015bc840"
 dependencies = [
  "filetime",
  "libc",
diff --git a/Cargo.toml b/Cargo.toml
index c85cf5e6f2..64def51f19 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -77,7 +77,7 @@ sha2 = "0.10.6"
 slog = "2.5.2"
 slog-async = "2.4.0"
 slog-term = "2.9.0"
-tar = "0.4.38"
+tar = "0.4.46"
 semver = "1.0.6"
 tempfile = "3.3.0"
 thiserror = "1.0.24"
diff --git a/src/dfx/Cargo.toml b/src/dfx/Cargo.toml
index fd38b2dc6f..3ba0223bfd 100644
--- a/src/dfx/Cargo.toml
+++ b/src/dfx/Cargo.toml
@@ -24,7 +24,7 @@ reqwest.workspace = true
 semver.workspace = true
 serde = { version = "1.0", features = ["derive"] }
 sha2 = "0.10.6"
-tar = "0.4.26"
+tar = "0.4.46"
 tokio = { version = "1.43.1", features = ["full"] }
 serde_json = "1.0"
 walkdir = "2.3.2"