YuriyPent / Cypress-Web-Automation

Cypress Web Automation Testing from Zero to Hero
MIT License
0 stars 0 forks source link

Update dependency node-sass to v7 [SECURITY] #391

Open renovate[bot] opened 3 months ago

renovate[bot] commented 3 months ago

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
node-sass 4.14.1 -> 7.0.0 age adoption passing confidence

GitHub Vulnerability Alerts

CVE-2020-24025

Certificate validation in node-sass 2.0.0 to 6.0.1 is disabled when requesting binaries even if the user is not specifying an alternative download path.


Release Notes

sass/node-sass (node-sass) ### [`v7.0.0`](https://redirect.github.com/sass/node-sass/releases/tag/v7.0.0) [Compare Source](https://redirect.github.com/sass/node-sass/compare/v6.0.1...v7.0.0) ##### Breaking changes - Drop support for Node 15 ([@​nschonni](https://redirect.github.com/nschonni)) - Set `rejectUnauthorized` to `true` by default ([@​scott-ut](https://redirect.github.com/scott-ut), [#​3149](https://redirect.github.com/sass/node-sass/issues/3149)) ##### Features - Add support for Node 17 ([@​nschonni](https://redirect.github.com/nschonni)) ##### Dependencies - Bump eslint from 7.32.0 to 8.0.0 ([@​nschonni](https://redirect.github.com/nschonni), [#​3191](https://redirect.github.com/sass/node-sass/issues/3191)) - Bump fs-extra from 0.30.0 to 10.0.0 ([@​nschonni](https://redirect.github.com/nschonni), [#​3102](https://redirect.github.com/sass/node-sass/issues/3102)) - Bump npmlog from 4.1.2 to 5.0.0 ([@​nschonni](https://redirect.github.com/nschonni), [#​3156](https://redirect.github.com/sass/node-sass/issues/3156)) - Bump chalk from 1.1.3 to 4.1.2 ([@​nschonni](https://redirect.github.com/nschonni), [#​3161](https://redirect.github.com/sass/node-sass/issues/3161)) ##### Community - Remove double word "support" from documentation ([@​pzrq](https://redirect.github.com/pzrq), [#​3159](https://redirect.github.com/sass/node-sass/issues/3159)) ##### Misc - Bump various GitHub Actions dependencies ([@​nschonni](https://redirect.github.com/nschonni)) #### Supported Environments | OS | Architecture | Node | | --- | --- | --- | | Windows | x86 & x64 | 12, 14, 16, 17 | | OSX | x64 | 12, 14, 16, 17 | | Linux\* | x64 | 12, 14, 16, 17 | | Alpine Linux | x64 | 12, 14, 16, 17 | | FreeBSD | i386 amd64 | 12, 14 | \*Linux support refers to major distributions like Ubuntu, and Debian ### [`v6.0.1`](https://redirect.github.com/sass/node-sass/releases/tag/v6.0.1) [Compare Source](https://redirect.github.com/sass/node-sass/compare/v6.0.0...v6.0.1) ##### Dependencies - Remove mkdirp ([@​jimmywarting](https://redirect.github.com/jimmywarting), [#​3108](https://redirect.github.com/sass/node-sass/issues/3108)) - Bump meow to 9.0.0 ([@​ykolbin](https://redirect.github.com/ykolbin), [#​3125](https://redirect.github.com/sass/node-sass/issues/3125)) - Bump mocha to 9.0.1 ([@​xzyfer](https://redirect.github.com/xzyfer), [#​3134](https://redirect.github.com/sass/node-sass/issues/3134)) ##### Misc - Use default Apline version from docker-node ([@​nschonni](https://redirect.github.com/nschonni), [#​3121](https://redirect.github.com/sass/node-sass/issues/3121)) #### Supported Environments | OS | Architecture | Node | | --- | --- | --- | | Windows | x86 & x64 | 12, 14, 15, 16 | | OSX | x64 | 12, 14, 15, 16 | | Linux\* | x64 | 12, 14, 15, 16 | | Alpine Linux | x64 | 12, 14, 15, 16 | | FreeBSD | i386 amd64 | 12, 14, 15 | \*Linux support refers to major distributions like Ubuntu, and Debian ### [`v6.0.0`](https://redirect.github.com/sass/node-sass/releases/tag/v6.0.0) [Compare Source](https://redirect.github.com/sass/node-sass/compare/v5.0.0...v6.0.0) ##### Breaking changes - Drop support for Node 10 ([@​nschonni](https://redirect.github.com/nschonni)) - Remove deprecated process.sass API ([@​xzyfer](https://redirect.github.com/xzyfer), [#​2986](https://redirect.github.com/sass/node-sass/issues/2986)) ##### Features - Add support for Node 16 ##### Community - Fix typos in Troubleshooting guide ([@​independencyinjection](https://redirect.github.com/independencyinjection), [#​3051](https://redirect.github.com/sass/node-sass/issues/3051)) - Improve dependabot configuration ([@​nschonni](https://redirect.github.com/nschonni)) #### Supported Environments | OS | Architecture | Node | | --- | --- | --- | | Windows | x86 & x64 | 12, 14, 15, 16 | | OSX | x64 | 12, 14, 15, 16 | | Linux\* | x64 | 12, 14, 15, 16 | | Alpine Linux | x64 | 12, 14, 15, 16 | | FreeBSD | i386 amd64 | 12, 14, 15 | \*Linux support refers to major distributions like Ubuntu, and Debian ### [`v5.0.0`](https://redirect.github.com/sass/node-sass/releases/tag/v5.0.0) [Compare Source](https://redirect.github.com/sass/node-sass/compare/v4.14.1...v5.0.0) ##### Breaking changes - Only support LTS and current Node versions ([@​nschonni](https://redirect.github.com/nschonni)) - Remove deprecated process.sass API ([@​xzyfer](https://redirect.github.com/xzyfer), [#​2986](https://redirect.github.com/sass/node-sass/issues/2986)) ##### Features - Add support for Node 15 - New node-gyp version that supports building with Python 3 ##### Community - More inclusive documentation ([@​rgeerts](https://redirect.github.com/rgeerts), [#​2944](https://redirect.github.com/sass/node-sass/issues/2944)) - Enabled dependabot ([@​nschonni](https://redirect.github.com/nschonni)) - Improve release automation ([@​nschonni](https://redirect.github.com/nschonni)) ##### Fixes - Bumped many dependencies ([@​nschonni](https://redirect.github.com/nschonni)) #### Supported Environments | OS | Architecture | Node | | --- | --- | --- | | Windows | x86 & x64 | 10, 12, 14, 15 | | OSX | x64 | 10, 12, 14, 15 | | Linux\* | x64 | 10, 12, 14, 15 | | Alpine Linux | x64 | 10, 12, 14, 15 | | FreeBSD | i386 amd64 | 10, 12, 14, 15 | \*Linux support refers to major distributions like Ubuntu, and Debian

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.



This PR was generated by Mend Renovate. View the repository job log.