diff --git a/node_modules/pacote/lib/fetcher.js b/node_modules/pacote/lib/fetcher.js
index fe5679f00a0a1..4852564d0445d 100644
--- a/node_modules/pacote/lib/fetcher.js
+++ b/node_modules/pacote/lib/fetcher.js
@@ -425,7 +425,7 @@ class FetcherBase {
     return ((mode | m) & ~this.umask) | exe | 0o600
   }
 
-  [_tarxOptions] ({ cwd, uid, gid }) {
+  [_tarxOptions] ({ cwd }) {
     const sawIgnores = new Set()
     return {
       cwd,
@@ -460,9 +460,9 @@ class FetcherBase {
         log.warn('tar', code, msg)
         log.silly('tar', code, msg, data)
       },
-      uid,
-      gid,
       umask: this.umask,
+      // always ignore ownership info from tarball metadata
+      preserveOwner: false,
     }
   }
 }
diff --git a/node_modules/pacote/package.json b/node_modules/pacote/package.json
index c09fbda86aa1d..8a89a1dd612c8 100644
--- a/node_modules/pacote/package.json
+++ b/node_modules/pacote/package.json
@@ -1,6 +1,6 @@
 {
   "name": "pacote",
-  "version": "15.1.0",
+  "version": "15.1.1",
   "description": "JavaScript package downloader",
   "author": "GitHub Inc.",
   "bin": {
diff --git a/package-lock.json b/package-lock.json
index 4cc9c0d86c4c2..8ce9d061a6eeb 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -133,7 +133,7 @@
         "npm-user-validate": "^2.0.0",
         "npmlog": "^7.0.1",
         "p-map": "^4.0.0",
-        "pacote": "^15.1.0",
+        "pacote": "^15.1.1",
         "parse-conflict-json": "^3.0.0",
         "proc-log": "^3.0.0",
         "qrcode-terminal": "^0.12.0",
@@ -9870,9 +9870,9 @@
       }
     },
     "node_modules/pacote": {
-      "version": "15.1.0",
-      "resolved": "https://registry.npmjs.org/pacote/-/pacote-15.1.0.tgz",
-      "integrity": "sha512-FFcjtIl+BQNfeliSm7MZz5cpdohvUV1yjGnqgVM4UnVF7JslRY0ImXAygdaCDV0jjUADEWu4y5xsDV8brtrTLg==",
+      "version": "15.1.1",
+      "resolved": "https://registry.npmjs.org/pacote/-/pacote-15.1.1.tgz",
+      "integrity": "sha512-eeqEe77QrA6auZxNHIp+1TzHQ0HBKf5V6c8zcaYZ134EJe1lCi+fjXATkNiEEfbG+e50nu02GLvUtmZcGOYabQ==",
       "inBundle": true,
       "dependencies": {
         "@npmcli/git": "^4.0.0",
diff --git a/package.json b/package.json
index ec375de8794d2..f82165796b18c 100644
--- a/package.json
+++ b/package.json
@@ -102,7 +102,7 @@
     "npm-user-validate": "^2.0.0",
     "npmlog": "^7.0.1",
     "p-map": "^4.0.0",
-    "pacote": "^15.1.0",
+    "pacote": "^15.1.1",
     "parse-conflict-json": "^3.0.0",
     "proc-log": "^3.0.0",
     "qrcode-terminal": "^0.12.0",