fix(deps): bump tar to >=7.5.8 to address CVE-2026-26960 (#36280)

Author: mainframev

package.json

@@ -366,7 +366,7 @@
     "**/tar-fs": "^2.1.4",
     "jackspeak": "2.1.1",
     "**/micromatch/braces": "^3.0.3",
-    "**/just-scripts-utils/tar": "^7.5.7",
+    "**/just-scripts-utils/tar": "^7.5.8",
     "**/body-parser/qs": "^6.14.2",
     "**/@cypress/request/qs": "^6.14.2"
   },

yarn.lock

@@ -19337,10 +19337,10 @@ tar-stream@^3.1.7:
     fast-fifo "^1.2.0"
     streamx "^2.15.0"
 
-tar@^6.1.9, tar@^7.5.7:
-  version "7.5.7"
-  resolved "https://registry.yarnpkg.com/tar/-/tar-7.5.7.tgz#adf99774008ba1c89819f15dbd6019c630539405"
-  integrity sha512-fov56fJiRuThVFXD6o6/Q354S7pnWMJIVlDBYijsTNx6jKSE4pvrDTs6lUnmGvNyfJwFQQwWy3owKz1ucIhveQ==
+tar@^6.1.9, tar@^7.5.8:
+  version "7.5.16"
+  resolved "https://registry.yarnpkg.com/tar/-/tar-7.5.16.tgz#f11e063afed4554f758049d082909e37d6b53ced"
+  integrity sha512-56adEpPMouktRlBLXiaYFFzZ/3+JXa8P9n7WbR+ibIjtviN55mEaOkiysCnPnWm+7kkui1Dn8J9l+g6zV8731w==
   dependencies:
     "@isaacs/fs-minipass" "^4.0.0"
     chownr "^3.0.0"