Bump tar, npm and node-sass

[dependabot[bot]]

Bumps tar to 6.1.12 and updates ancestor dependencies tar, npm and node-sass. These dependencies need to be updated together.

Updates tar from 4.4.8 to 6.1.12

Release notes

Sourced from tar's releases.

v6.1.12

6.1.12 (2022-10-31)

Bug Fixes

• 57493ee #332 ensuring close event is emited after stream has ended (@​webark)
• b003c64 #314 replace deprecated String.prototype.substr() (#314) (@​CommanderRoot, @​lukekarrys)

Documentation

• f129929 #313 remove dead link to benchmarks (#313) (@​yetzt)
• c1faa9f add examples/explanation of using tar.t (@​isaacs)

Changelog

Sourced from tar's changelog.

6.1.12 (2022-10-31)

Bug Fixes

• 57493ee #332 ensuring close event is emited after stream has ended (@​webark)
• b003c64 #314 replace deprecated String.prototype.substr() (#314) (@​CommanderRoot, @​lukekarrys)

Documentation

• f129929 #313 remove dead link to benchmarks (#313) (@​yetzt)
• c1faa9f add examples/explanation of using tar.t (@​isaacs)

6.0

• Drop support for node 6 and 8
• fix symlinks and hardlinks on windows being packed with \-style path targets

5.0

• Address unpack race conditions using path reservations
• Change large-numbers errors from TypeError to Error
• Add TAR_* error codes
• Raise TAR_BAD_ARCHIVE warning/error when there are no valid entries found in an archive
• do not treat ignored entries as an invalid archive
• drop support for node v4
• unpack: conditionally use a file mapping to write files on Windows
• Set more portable 'mode' value in portable mode
• Set portable gzip option in portable mode

4.4

• Add 'mtime' option to tar creation to force mtime
• unpack: only reuse file fs entries if nlink = 1
• unpack: rename before unlinking files on Windows
• Fix encoding/decoding of base-256 numbers
• Use stat instead of lstat when checking CWD
• Always provide a callback to fs.close()

4.3

• Add 'transform' unpack option

4.2

• Fail when zlib fails

4.1

... (truncated)

Commits

• 001eafb chore: release 6.1.12
• ac1026a chore: dry up template-oss config
• 2e45b11 chore: use a local instead of remote file for test
• 79378ef chore: postinstall for dependabot template-oss PR
• eaea26d chore: bump @​npmcli/template-oss from 4.7.1 to 4.8.0
• 57493ee fix: ensuring close event is emited after stream has ended
• 1e3fadf chore: postinstall for dependabot template-oss PR
• 24045dc chore: bump @​npmcli/template-oss from 4.6.2 to 4.7.1
• b003c64 fix: replace deprecated String.prototype.substr() (#314)
• d9edb34 chore: postinstall for dependabot template-oss PR
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by lukekarrys, a new releaser for tar since your current version.

Updates npm from 6.14.8 to 6.14.17

Changelog

Sourced from npm's changelog.

6.14.17 (2022-04-28)

DEPENDENCIES

• a869ec48b ansi-regex@4.1.1
• a869ec48b minimist@1.2.6

6.14.16 (2022-01-19)

CHORE

• 0afe4f12f update one-time password prompt (@​ruyadorno)

DEPENDENCIES

• 2c534f801 json-schema@0.4.0

6.14.15 (2021-08-23)

DEPENDENCIES

• 8160e6e4b path-parse@1.0.7
• 3079f5038 tar@4.4.1

6.14.14 (2021-07-27)

DEPENDENCIES

• 4627c0670 tar@4.4.15

6.14.13 (2021-04-08)

DEPENDENCIES

• 285ab3f65 hosted-git-info@2.8.9
• 63b5c56c5 ssri@6.0.2

6.14.12 (2021-03-25)

... (truncated)

Commits

• 97497f1 6.14.17
• b2ba3e1 docs: changelog for v6.14.17
• 6113d84 chore: fix up git dep tests
• a869ec4 chore: update deps based on critical audit fixes
• 6996eca 6.14.16
• 5983545 docs: changelog for v6.14.16
• 07b0085 deps: json-schema@0.4.0
• 651b8de chore: update one-time password prompt
• 1a6d2f4 chore(ci): avoid running parallel test on windows
• 5848324 chore: fix tests
• Additional commits viewable in compare view

Updates node-sass from 4.14.1 to 8.0.0

Release notes

Sourced from node-sass's releases.

v8.0.0

What's Changed

• Fix binaries being partially downloaded by @​xzyfer in sass/node-sass#3313
• Bump node-gyp and nan for node 19 support by @​xzyfer in sass/node-sass#3314
• feat: Node 18 and 19 support and drop Node 17 by @​nschonni in sass/node-sass#3257

Breaking changes

• Drop support for Node 12 (@​nschonni)
• Drop support for Node 17 (@​nschonni)
• Set rejectUnauthorized to true by default (@​scott-ut, #3149)

Features

• Add support for Node 18 (@​nschonni)
• Add support for Node 19 (@​nschonni)
• Replace request with make-fetch-happen (@​CamilleDrapier @​xzyfer, #3193, #3313)

Dependencies

• Bump true-case-path@2.2.1
• Bump node-gyp @​9.0.0
• Bump nan@^2.17.0
• Bump sass-graph@^4.0.1

Misc

• Bump various GitHub Actions dependencies (@​nschonni)

Supported Environments

OS	Architecture	Node
Windows	x86 & x64	14, 16, 18, 19
OSX	x64	14, 16, 18, 19
Linux*	x64	14, 16, 18, 19
Alpine Linux	x64	14, 16, 18, 19
FreeBSD	i386 amd64	12, 14

*Linux support refers to major distributions like Ubuntu, and Debian

v7.0.3

Dependencies

• Bump sass-graph from 4.0.0 to ^4.0.1

Supported Environments

| OS | Architecture | Node |

... (truncated)

Commits

• ee13eb9 8.0.0
• 98e75b3 feat: Node 18 and 19 support and drop Node 17 (#3257)
• e9bb866 Bump node-gyp and nan for node 19 support (#3314)
• ab7840b Fix binaries being partially downloaded (#3313)
• d595abf 7.0.3
• 3b556c1 7.0.2
• c716359 Bump sass-graph@^4.0.1 (#3292)
• 24741b3 docs(readme): fix docpad plugin link
• 1523330 feat: Drop Node 12
• 365d357 update https://registry.npm.taobao.org to https://registry.npmmirror.com
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/lansingcodes/www/network/alerts).

[egillespie]

Tests failing, won't merge.

[dependabot[bot]]

OK, I won't notify you again about this release, but will get in touch when a new version is available.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.