Update to tar@2.0.0.

Emuentes · bnoordhuis · commit f5d86eb84e01 · 2015-11-04T21:08:25.000+01:00
From https://nodesecurity.io/advisories/57: The tar module earlier than version 2.0.0 allow for archives to contain symbolic links that will overwrite targets outside the expected path for extraction. PR-URL: #797 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
diff --git a/package.json b/package.json
@@ -34,7 +34,7 @@
     "request": "2",
     "rimraf": "2",
     "semver": "2.x || 3.x || 4 || 5",
-    "tar": "^1.0.0",
+    "tar": "^2.0.0",
     "which": "1"
   },
   "engines": {
