Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): update dependency node-sass to v7 [security] #111

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

chore(deps): update dependency node-sass to v7 [security] #111

wants to merge 1 commit into from

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Sep 6, 2022
edited
Loading

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
node-sass ^4.14.0 -> ^7.0.0 age adoption passing confidence

GitHub Vulnerability Alerts

CVE-2020-24025

Certificate validation in node-sass 2.0.0 to 6.0.1 is disabled when requesting binaries even if the user is not specifying an alternative download path.

Release Notes

sass/node-sass (node-sass)

v7.0.0

Compare Source

Breaking changes
Features
Dependencies
Community
Misc

Supported Environments

OS Architecture Node
Windows x86 & x64 12, 14, 16, 17
OSX x64 12, 14, 16, 17
Linux* x64 12, 14, 16, 17
Alpine Linux x64 12, 14, 16, 17
FreeBSD i386 amd64 12, 14

*Linux support refers to major distributions like Ubuntu, and Debian

v6.0.1

Compare Source

Dependencies
Misc

Supported Environments

OS Architecture Node
Windows x86 & x64 12, 14, 15, 16
OSX x64 12, 14, 15, 16
Linux* x64 12, 14, 15, 16
Alpine Linux x64 12, 14, 15, 16
FreeBSD i386 amd64 12, 14, 15

*Linux support refers to major distributions like Ubuntu, and Debian

v6.0.0

Compare Source

Breaking changes
Features
  • Add support for Node 16
Community

Supported Environments

OS Architecture Node
Windows x86 & x64 12, 14, 15, 16
OSX x64 12, 14, 15, 16
Linux* x64 12, 14, 15, 16
Alpine Linux x64 12, 14, 15, 16
FreeBSD i386 amd64 12, 14, 15

*Linux support refers to major distributions like Ubuntu, and Debian

v5.0.0

Compare Source

Breaking changes
Features
  • Add support for Node 15
  • New node-gyp version that supports building with Python 3
Community
Fixes

Supported Environments

OS Architecture Node
Windows x86 & x64 10, 12, 14, 15
OSX x64 10, 12, 14, 15
Linux* x64 10, 12, 14, 15
Alpine Linux x64 10, 12, 14, 15
FreeBSD i386 amd64 10, 12, 14, 15

*Linux support refers to major distributions like Ubuntu, and Debian

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot added the maintenance label Sep 6, 2022
@snyk-bot snyk-bot mentioned this pull request Feb 17, 2023
Merged
@renovate renovate bot changed the title build(deps): update dependency node-sass to 7.0.0 [security] chore(deps): update dependency node-sass to v7 [security] Apr 3, 2023
@renovate renovate bot force-pushed the renovate/npm-node-sass-vulnerability branch 7 times, most recently from ef1125d to c85ed00 Compare July 23, 2024 17:30
@renovate Renovate
Copy link
Contributor Author

renovate bot commented Jul 23, 2024
edited
Loading

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

  • any of the package files in this branch needs updating, or
  • the branch becomes conflicted, or
  • you click the rebase/retry checkbox if found above, or
  • you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: package-lock.json
npm ERR! code ERESOLVE
npm ERR! ERESOLVE could not resolve
npm ERR! 
npm ERR! While resolving: sass-loader@8.0.2
npm ERR! Found: node-sass@7.0.3
npm ERR! node_modules/node-sass
npm ERR!   dev node-sass@"^7.0.0" from the root project
npm ERR! 
npm ERR! Could not resolve dependency:
npm ERR! peerOptional node-sass@"^4.0.0" from sass-loader@8.0.2
npm ERR! node_modules/sass-loader
npm ERR!   dev sass-loader@"^8.0.2" from the root project
npm ERR! 
npm ERR! Conflicting peer dependency: node-sass@4.14.1
npm ERR! node_modules/node-sass
npm ERR!   peerOptional node-sass@"^4.0.0" from sass-loader@8.0.2
npm ERR!   node_modules/sass-loader
npm ERR!     dev sass-loader@"^8.0.2" from the root project
npm ERR! 
npm ERR! Fix the upstream dependency conflict, or retry
npm ERR! this command with --force, or --legacy-peer-deps
npm ERR! to accept an incorrect (and potentially broken) dependency resolution.
npm ERR! 
npm ERR! See /tmp/renovate/cache/others/npm/eresolve-report.txt for a full report.

npm ERR! A complete log of this run can be found in:
npm ERR!     /tmp/renovate/cache/others/npm/_logs/2024-09-25T20_59_15_059Z-debug-0.log

@renovate renovate bot force-pushed the renovate/npm-node-sass-vulnerability branch 2 times, most recently from 7a17332 to 8f15c0c Compare July 23, 2024 18:20
@renovate renovate bot force-pushed the renovate/npm-node-sass-vulnerability branch from 8f15c0c to 1786593 Compare September 25, 2024 20:59
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
breaking change maintenance
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@wolfy1339