Certificate validation in node-sass 2.0.0 to 6.0.1 is disabled when requesting binaries even if the user is not specifying an alternative download path.
Release Notes
sass/node-sass
### [`v7.0.0`](https://togithub.com/sass/node-sass/releases/tag/v7.0.0)
[Compare Source](https://togithub.com/sass/node-sass/compare/v6.0.1...v7.0.0)
##### Breaking changes
- Drop support for Node 15 ([@nschonni](https://togithub.com/nschonni))
- Set `rejectUnauthorized` to `true` by default ([@scott-ut](https://togithub.com/scott-ut), [#3149](https://togithub.com/sass/node-sass/issues/3149))
##### Features
- Add support for Node 17 ([@nschonni](https://togithub.com/nschonni))
##### Dependencies
- Bump eslint from 7.32.0 to 8.0.0 ([@nschonni](https://togithub.com/nschonni), [#3191](https://togithub.com/sass/node-sass/issues/3191))
- Bump fs-extra from 0.30.0 to 10.0.0 ([@nschonni](https://togithub.com/nschonni), [#3102](https://togithub.com/sass/node-sass/issues/3102))
- Bump npmlog from 4.1.2 to 5.0.0 ([@nschonni](https://togithub.com/nschonni), [#3156](https://togithub.com/sass/node-sass/issues/3156))
- Bump chalk from 1.1.3 to 4.1.2 ([@nschonni](https://togithub.com/nschonni), [#3161](https://togithub.com/sass/node-sass/issues/3161))
##### Community
- Remove double word "support" from documentation ([@pzrq](https://togithub.com/pzrq), [#3159](https://togithub.com/sass/node-sass/issues/3159))
##### Misc
- Bump various GitHub Actions dependencies ([@nschonni](https://togithub.com/nschonni))
#### Supported Environments
| OS | Architecture | Node |
| --- | --- | --- |
| Windows | x86 & x64 | 12, 14, 16, 17 |
| OSX | x64 | 12, 14, 16, 17 |
| Linux\* | x64 | 12, 14, 16, 17 |
| Alpine Linux | x64 | 12, 14, 16, 17 |
| FreeBSD | i386 amd64 | 12, 14 |
\*Linux support refers to major distributions like Ubuntu, and Debian
### [`v6.0.1`](https://togithub.com/sass/node-sass/releases/tag/v6.0.1)
[Compare Source](https://togithub.com/sass/node-sass/compare/v6.0.0...v6.0.1)
##### Dependencies
- Remove mkdirp ([@jimmywarting](https://togithub.com/jimmywarting), [#3108](https://togithub.com/sass/node-sass/issues/3108))
- Bump meow to 9.0.0 ([@ykolbin](https://togithub.com/ykolbin), [#3125](https://togithub.com/sass/node-sass/issues/3125))
- Bump mocha to 9.0.1 ([@xzyfer](https://togithub.com/xzyfer), [#3134](https://togithub.com/sass/node-sass/issues/3134))
##### Misc
- Use default Apline version from docker-node ([@nschonni](https://togithub.com/nschonni), [#3121](https://togithub.com/sass/node-sass/issues/3121))
#### Supported Environments
| OS | Architecture | Node |
| --- | --- | --- |
| Windows | x86 & x64 | 12, 14, 15, 16 |
| OSX | x64 | 12, 14, 15, 16 |
| Linux\* | x64 | 12, 14, 15, 16 |
| Alpine Linux | x64 | 12, 14, 15, 16 |
| FreeBSD | i386 amd64 | 12, 14, 15 |
\*Linux support refers to major distributions like Ubuntu, and Debian
Configuration
📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
[ ] If you want to rebase/retry this PR, check this box
This PR has been generated by Mend Renovate. View repository job log here.
This PR contains the following updates:
6.0.0
->7.0.0
GitHub Vulnerability Alerts
CVE-2020-24025
Certificate validation in node-sass 2.0.0 to 6.0.1 is disabled when requesting binaries even if the user is not specifying an alternative download path.
Release Notes
sass/node-sass
### [`v7.0.0`](https://togithub.com/sass/node-sass/releases/tag/v7.0.0) [Compare Source](https://togithub.com/sass/node-sass/compare/v6.0.1...v7.0.0) ##### Breaking changes - Drop support for Node 15 ([@nschonni](https://togithub.com/nschonni)) - Set `rejectUnauthorized` to `true` by default ([@scott-ut](https://togithub.com/scott-ut), [#3149](https://togithub.com/sass/node-sass/issues/3149)) ##### Features - Add support for Node 17 ([@nschonni](https://togithub.com/nschonni)) ##### Dependencies - Bump eslint from 7.32.0 to 8.0.0 ([@nschonni](https://togithub.com/nschonni), [#3191](https://togithub.com/sass/node-sass/issues/3191)) - Bump fs-extra from 0.30.0 to 10.0.0 ([@nschonni](https://togithub.com/nschonni), [#3102](https://togithub.com/sass/node-sass/issues/3102)) - Bump npmlog from 4.1.2 to 5.0.0 ([@nschonni](https://togithub.com/nschonni), [#3156](https://togithub.com/sass/node-sass/issues/3156)) - Bump chalk from 1.1.3 to 4.1.2 ([@nschonni](https://togithub.com/nschonni), [#3161](https://togithub.com/sass/node-sass/issues/3161)) ##### Community - Remove double word "support" from documentation ([@pzrq](https://togithub.com/pzrq), [#3159](https://togithub.com/sass/node-sass/issues/3159)) ##### Misc - Bump various GitHub Actions dependencies ([@nschonni](https://togithub.com/nschonni)) #### Supported Environments | OS | Architecture | Node | | --- | --- | --- | | Windows | x86 & x64 | 12, 14, 16, 17 | | OSX | x64 | 12, 14, 16, 17 | | Linux\* | x64 | 12, 14, 16, 17 | | Alpine Linux | x64 | 12, 14, 16, 17 | | FreeBSD | i386 amd64 | 12, 14 | \*Linux support refers to major distributions like Ubuntu, and Debian ### [`v6.0.1`](https://togithub.com/sass/node-sass/releases/tag/v6.0.1) [Compare Source](https://togithub.com/sass/node-sass/compare/v6.0.0...v6.0.1) ##### Dependencies - Remove mkdirp ([@jimmywarting](https://togithub.com/jimmywarting), [#3108](https://togithub.com/sass/node-sass/issues/3108)) - Bump meow to 9.0.0 ([@ykolbin](https://togithub.com/ykolbin), [#3125](https://togithub.com/sass/node-sass/issues/3125)) - Bump mocha to 9.0.1 ([@xzyfer](https://togithub.com/xzyfer), [#3134](https://togithub.com/sass/node-sass/issues/3134)) ##### Misc - Use default Apline version from docker-node ([@nschonni](https://togithub.com/nschonni), [#3121](https://togithub.com/sass/node-sass/issues/3121)) #### Supported Environments | OS | Architecture | Node | | --- | --- | --- | | Windows | x86 & x64 | 12, 14, 15, 16 | | OSX | x64 | 12, 14, 15, 16 | | Linux\* | x64 | 12, 14, 15, 16 | | Alpine Linux | x64 | 12, 14, 15, 16 | | FreeBSD | i386 amd64 | 12, 14, 15 | \*Linux support refers to major distributions like Ubuntu, and DebianConfiguration
📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.