This is a security release.
These are vulnerabilities in the node-tar, arborist, and npm cli modules which
are related to the initial reports and subsequent remediation of node-tar
vulnerabilities CVE-2021-32803 and CVE-2021-32804.
Subsequent internal security review of node-tar and additional external bounty
reports have resulted in another 5 CVE being remediated in core npm CLI
dependencies including node-tar, and npm arborist.
FreeBSD-specific note: As c-ares does not expose ares_nameser.h to the public yet, add it as a local patch and is to be removed once c-ares will install the file (scheduled for version 1.17.3)