search

yurikrupnik / mussia8

Mussia8 base project monorepo poc for api gateway
alfred-lake.vercel.app
MIT License
0 stars 0 forks source link

Update dependency node-sass to v7 [SECURITY] - autoclosed #266

Closed renovate[bot] closed 1 year ago

renovate[bot] commented 2 years ago

Mend Renovate

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
node-sass 6.0.1 -> 7.0.0 age adoption passing confidence

GitHub Vulnerability Alerts

CVE-2020-24025

Certificate validation in node-sass 2.0.0 to 6.0.1 is disabled when requesting binaries even if the user is not specifying an alternative download path.

Release Notes

sass/node-sass ### [`v7.0.0`](https://togithub.com/sass/node-sass/releases/tag/v7.0.0) [Compare Source](https://togithub.com/sass/node-sass/compare/v6.0.1...v7.0.0) ##### Breaking changes - Drop support for Node 15 ([@​nschonni](https://togithub.com/nschonni)) - Set `rejectUnauthorized` to `true` by default ([@​scott-ut](https://togithub.com/scott-ut), [#​3149](https://togithub.com/sass/node-sass/issues/3149)) ##### Features - Add support for Node 17 ([@​nschonni](https://togithub.com/nschonni)) ##### Dependencies - Bump eslint from 7.32.0 to 8.0.0 ([@​nschonni](https://togithub.com/nschonni), [#​3191](https://togithub.com/sass/node-sass/issues/3191)) - Bump fs-extra from 0.30.0 to 10.0.0 ([@​nschonni](https://togithub.com/nschonni), [#​3102](https://togithub.com/sass/node-sass/issues/3102)) - Bump npmlog from 4.1.2 to 5.0.0 ([@​nschonni](https://togithub.com/nschonni), [#​3156](https://togithub.com/sass/node-sass/issues/3156)) - Bump chalk from 1.1.3 to 4.1.2 ([@​nschonni](https://togithub.com/nschonni), [#​3161](https://togithub.com/sass/node-sass/issues/3161)) ##### Community - Remove double word "support" from documentation ([@​pzrq](https://togithub.com/pzrq), [#​3159](https://togithub.com/sass/node-sass/issues/3159)) ##### Misc - Bump various GitHub Actions dependencies ([@​nschonni](https://togithub.com/nschonni)) #### Supported Environments | OS | Architecture | Node | | --- | --- | --- | | Windows | x86 & x64 | 12, 14, 16, 17 | | OSX | x64 | 12, 14, 16, 17 | | Linux\* | x64 | 12, 14, 16, 17 | | Alpine Linux | x64 | 12, 14, 16, 17 | | FreeBSD | i386 amd64 | 12, 14 | \*Linux support refers to major distributions like Ubuntu, and Debian

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

This PR has been generated by Mend Renovate. View repository job log here.

vercel[bot] commented 2 years ago

This pull request is being automatically deployed with Vercel (learn more).
To see the status of your deployments, click below or on the icon next to each commit.

alfred – ./packages/ui/clients/alfred

🔍 Inspect: https://vercel.com/yurikrupnik/alfred/42DAsWNVdZ5VpDWcGKvacKCm4cA6
✅ Preview: https://alfred-git-renovate-npm-node-sass-vulnerability-yurikrupnik.vercel.app

batman – ./packages/ui/clients/batman

🔍 Inspect: https://vercel.com/yurikrupnik/batman/8kRujVtAm3uu8TUFDVXWdiTwLA5e
✅ Preview: https://batman-git-renovate-npm-node-sass-vulnerability-yurikrupnik.vercel.app