travi-org / admin.travi.org

reference client to api.travi.org
https://admin.travi.org
MIT License

chore(deps): update dependency node-sass to v7 [security] #3406

Open renovate[bot] opened 1 year ago

renovate[bot] commented 1 year ago

This PR contains the following updates:

| Package | Type | Update | Change | OpenSSF |
| --- | --- | --- | --- | --- |
| node-sass | devDependencies | major | 4.14.1 -> 7.0.0 | OpenSSF Scorecard |

GitHub Vulnerability Alerts

CVE-2020-24025

Certificate validation in node-sass 2.0.0 to 6.0.1 is disabled when requesting binaries even if the user is not specifying an alternative download path.


Improper Certificate Validation in node-sass

CVE-2020-24025 / GHSA-r8f7-9pfq-mjmv

More information

#### Details

Certificate validation in node-sass 2.0.0 to 6.0.1 is disabled when requesting binaries even if the user is not specifying an alternative download path.

#### Severity

- CVSS Score: 5.3 / 10 (Medium)
- Vector String: `CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N`

#### References

- [https://nvd.nist.gov/vuln/detail/CVE-2020-24025](https://nvd.nist.gov/vuln/detail/CVE-2020-24025)
- [https://github.com/sass/node-sass/issues/3067](https://redirect.github.com/sass/node-sass/issues/3067)
- [https://github.com/sass/node-sass/pull/3149](https://redirect.github.com/sass/node-sass/pull/3149)
- [https://github.com/sass/node-sass/pull/567#issuecomment-656609236](https://redirect.github.com/sass/node-sass/pull/567#issuecomment-656609236)
- [https://github.com/sass/node-sass/commit/0a21792803639851b480fbd8cbcb5540ef974387](https://redirect.github.com/sass/node-sass/commit/0a21792803639851b480fbd8cbcb5540ef974387)
- [https://github.com/sass/node-sass](https://redirect.github.com/sass/node-sass)
- [https://github.com/sass/node-sass/releases/tag/v7.0.0](https://redirect.github.com/sass/node-sass/releases/tag/v7.0.0)

This data is provided by [OSV](https://osv.dev/vulnerability/GHSA-r8f7-9pfq-mjmv) and the [GitHub Advisory Database](https://redirect.github.com/github/advisory-database) ([CC-BY 4.0](https://redirect.github.com/github/advisory-database/blob/main/LICENSE.md)).

Release Notes

sass/node-sass (node-sass)

### [`v7.0.0`](https://redirect.github.com/sass/node-sass/releases/tag/v7.0.0)

[Compare Source](https://redirect.github.com/sass/node-sass/compare/v6.0.1...v7.0.0)

##### Breaking changes

- Drop support for Node 15 ([@nschonni](https://redirect.github.com/nschonni))
- Set `rejectUnauthorized` to `true` by default ([@scott-ut](https://redirect.github.com/scott-ut), [#3149](https://redirect.github.com/sass/node-sass/issues/3149))

##### Features

- Add support for Node 17 ([@nschonni](https://redirect.github.com/nschonni))

##### Dependencies

- Bump eslint from 7.32.0 to 8.0.0 ([@nschonni](https://redirect.github.com/nschonni), [#3191](https://redirect.github.com/sass/node-sass/issues/3191))
- Bump fs-extra from 0.30.0 to 10.0.0 ([@nschonni](https://redirect.github.com/nschonni), [#3102](https://redirect.github.com/sass/node-sass/issues/3102))
- Bump npmlog from 4.1.2 to 5.0.0 ([@nschonni](https://redirect.github.com/nschonni), [#3156](https://redirect.github.com/sass/node-sass/issues/3156))
- Bump chalk from 1.1.3 to 4.1.2 ([@nschonni](https://redirect.github.com/nschonni), [#3161](https://redirect.github.com/sass/node-sass/issues/3161))

##### Community

- Remove double word "support" from documentation ([@pzrq](https://redirect.github.com/pzrq), [#3159](https://redirect.github.com/sass/node-sass/issues/3159))

##### Misc

- Bump various GitHub Actions dependencies ([@nschonni](https://redirect.github.com/nschonni))

#### Supported Environments

| OS | Architecture | Node |
| --- | --- | --- |
| Windows | x86 & x64 | 12, 14, 16, 17 |
| OSX | x64 | 12, 14, 16, 17 |
| Linux\* | x64 | 12, 14, 16, 17 |
| Alpine Linux | x64 | 12, 14, 16, 17 |
| FreeBSD | i386 amd64 | 12, 14 |

\*Linux support refers to major distributions like Ubuntu, and Debian

### [`v6.0.1`](https://redirect.github.com/sass/node-sass/releases/tag/v6.0.1)

[Compare Source](https://redirect.github.com/sass/node-sass/compare/v6.0.0...v6.0.1)

##### Dependencies

- Remove mkdirp ([@jimmywarting](https://redirect.github.com/jimmywarting), [#3108](https://redirect.github.com/sass/node-sass/issues/3108))
- Bump meow to 9.0.0 ([@ykolbin](https://redirect.github.com/ykolbin), [#3125](https://redirect.github.com/sass/node-sass/issues/3125))
- Bump mocha to 9.0.1 ([@xzyfer](https://redirect.github.com/xzyfer), [#3134](https://redirect.github.com/sass/node-sass/issues/3134))

##### Misc

- Use default Alpine version from docker-node ([@nschonni](https://redirect.github.com/nschonni), [#3121](https://redirect.github.com/sass/node-sass/issues/3121))

#### Supported Environments

| OS | Architecture | Node |
| --- | --- | --- |
| Windows | x86 & x64 | 12, 14, 15, 16 |
| OSX | x64 | 12, 14, 15, 16 |
| Linux\* | x64 | 12, 14, 15, 16 |
| Alpine Linux | x64 | 12, 14, 15, 16 |
| FreeBSD | i386 amd64 | 12, 14, 15 |

\*Linux support refers to major distributions like Ubuntu, and Debian

### [`v6.0.0`](https://redirect.github.com/sass/node-sass/releases/tag/v6.0.0)

[Compare Source](https://redirect.github.com/sass/node-sass/compare/v5.0.0...v6.0.0)

##### Breaking changes

- Drop support for Node 10 ([@nschonni](https://redirect.github.com/nschonni))
- Remove deprecated process.sass API ([@xzyfer](https://redirect.github.com/xzyfer), [#2986](https://redirect.github.com/sass/node-sass/issues/2986))

##### Features

- Add support for Node 16

##### Community

- Fix typos in Troubleshooting guide ([@independencyinjection](https://redirect.github.com/independencyinjection), [#3051](https://redirect.github.com/sass/node-sass/issues/3051))
- Improve dependabot configuration ([@nschonni](https://redirect.github.com/nschonni))

#### Supported Environments

| OS | Architecture | Node |
| --- | --- | --- |
| Windows | x86 & x64 | 12, 14, 15, 16 |
| OSX | x64 | 12, 14, 15, 16 |
| Linux\* | x64 | 12, 14, 15, 16 |
| Alpine Linux | x64 | 12, 14, 15, 16 |
| FreeBSD | i386 amd64 | 12, 14, 15 |

\*Linux support refers to major distributions like Ubuntu, and Debian

### [`v5.0.0`](https://redirect.github.com/sass/node-sass/releases/tag/v5.0.0)

[Compare Source](https://redirect.github.com/sass/node-sass/compare/v4.14.1...v5.0.0)

##### Breaking changes

- Only support LTS and current Node versions ([@nschonni](https://redirect.github.com/nschonni))
- Remove deprecated process.sass API ([@xzyfer](https://redirect.github.com/xzyfer), [#2986](https://redirect.github.com/sass/node-sass/issues/2986))

##### Features

- Add support for Node 15
- New node-gyp version that supports building with Python 3

##### Community

- More inclusive documentation ([@rgeerts](https://redirect.github.com/rgeerts), [#2944](https://redirect.github.com/sass/node-sass/issues/2944))
- Enabled dependabot ([@nschonni](https://redirect.github.com/nschonni))
- Improve release automation ([@nschonni](https://redirect.github.com/nschonni))

##### Fixes

- Bumped many dependencies ([@nschonni](https://redirect.github.com/nschonni))

#### Supported Environments

| OS | Architecture | Node |
| --- | --- | --- |
| Windows | x86 & x64 | 10, 12, 14, 15 |
| OSX | x64 | 10, 12, 14, 15 |
| Linux\* | x64 | 10, 12, 14, 15 |
| Alpine Linux | x64 | 10, 12, 14, 15 |
| FreeBSD | i386 amd64 | 10, 12, 14, 15 |

\*Linux support refers to major distributions like Ubuntu, and Debian

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.



This PR was generated by Mend Renovate. View the repository job log.