chore(deps): Update tar override to 7.5.7 to address vulnerability CVE-2026-24842 (#308)

* chore(deps): Update tar override to 7.5.7 to address vulnerability CVE-2026-24842
* chore(deps): Add eslint exception for vulnerability CVE-2025-50537

Stack Overflow in RuleTester.run() when serializing objects with
circular references. Accepted risk: dev-only dependency, requires
local access and user interaction, only affects test authoring.

Author: Artmann

.nsprc

@@ -10,5 +10,9 @@
     "GHSA-g9mf-h72j-4rw9": {
         "notes": "undici DoS via unbounded decompression chain. Accepted risk: dev-only transitive dependency (@actions/core, @actions/github), only affects CI/CD workflows, not bundled in extension.",
         "expiry": "2026-04-15"
+    },
+    "GHSA-p5wg-g6qr-c7cg": {
+        "notes": "CVE-2025-50537: eslint Stack Overflow in RuleTester.run() when serializing objects with circular references. Accepted risk: dev-only dependency, requires local access and user interaction, only affects test authoring, not bundled in extension.",
+        "expiry": "2026-04-15"
     }
 }

package-lock.json

@@ -2876,7 +2876,7 @@
         "d3-color": "3.1.0",
         "vega-embed": "^7.1.0",
         "@mermaid-js/layout-elk": "npm:empty-pkg@1.0.0",
-        "tar@<7.5.4": "7.5.4",
+        "tar": "7.5.7",
         "lodash-es": "^4.17.23"
     }
 }