chore(deps): update dependency node-sass to v9 [security] - autoclosed

[alma-renovate-bot]

This PR contains the following updates:

Package	Type	Update	Change	Age	Confidence
node-sass	devDependencies	major	^4.12.0 -> ^9.0.0

GitHub Vulnerability Alerts

CVE-2020-24025

Certificate validation in node-sass 2.0.0 to 6.0.1 is disabled when requesting binaries even if the user is not specifying an alternative download path.

---

Release Notes

sass/node-sass (node-sass)

v9.0.0

Compare Source

What's Changed

• Node 20 support by @​nschonni in https://github.com/sass/node-sass/pull/3355

Breaking changes

• Drop support for Node 14 (@​nschonni)

Supported Environments

OS	Architecture	Node
Windows	x86 & x64	16, 18, 19, 20
OSX	x64	16, 18, 19, 20
Linux*	x64	16, 18, 19, 20
Alpine Linux	x64	16, 18, 19, 20

*Linux support refers to major distributions like Ubuntu, and Debian

v8.0.0

Compare Source

What's Changed

• Fix binaries being partially downloaded by @​xzyfer in https://github.com/sass/node-sass/pull/3313
• Bump node-gyp and nan for node 19 support by @​xzyfer in https://github.com/sass/node-sass/pull/3314
• feat: Node 18 and 19 support and drop Node 17 by @​nschonni in https://github.com/sass/node-sass/pull/3257

Breaking changes

• Drop support for Node 12 (@​nschonni)
• Drop support for Node 17 (@​nschonni)
• Set rejectUnauthorized to true by default (@​scott-ut, #​3149)

Features

• Add support for Node 18 (@​nschonni)
• Add support for Node 19 (@​nschonni)
• Replace request with make-fetch-happen (@​CamilleDrapier @​xzyfer, #​3193, #​3313)

Dependencies

• Bump [email protected]
• Bump node-gyp @​9.0.0
• Bump nan@^2.17.0
• Bump sass-graph@^4.0.1

Misc

• Bump various GitHub Actions dependencies (@​nschonni)

Supported Environments

OS	Architecture	Node
Windows	x86 & x64	14, 16, 18, 19
OSX	x64	14, 16, 18, 19
Linux*	x64	14, 16, 18, 19
Alpine Linux	x64	14, 16, 18, 19
FreeBSD	i386 amd64	12, 14

*Linux support refers to major distributions like Ubuntu, and Debian

v7.0.3

Compare Source

Dependencies

• Bump sass-graph from 4.0.0 to ^4.0.1

Supported Environments

OS	Architecture	Node
Windows	x86 & x64	12, 14, 16, 17
OSX	x64	12, 14, 16, 17
Linux*	x64	12, 14, 16, 17
Alpine Linux	x64	12, 14, 16, 17
FreeBSD	i386 amd64	12, 14

*Linux support refers to major distributions like Ubuntu, and Debian

v7.0.2

Compare Source

This release has been unpublished

v7.0.1

Compare Source

Dependencies

• Bump node-gyp from 7.1.2 to 8.4.1
• Bump sass-graph from 2.2.5 to 4.0.0

Supported Environments

OS	Architecture	Node
Windows	x86 & x64	12, 14, 16, 17
OSX	x64	12, 14, 16, 17
Linux*	x64	12, 14, 16, 17
Alpine Linux	x64	12, 14, 16, 17
FreeBSD	i386 amd64	12, 14

*Linux support refers to major distributions like Ubuntu, and Debian

v7.0.0

Compare Source

Breaking changes

• Drop support for Node 15 (@​nschonni)
• Set rejectUnauthorized to true by default (@​scott-ut, #​3149)

Features

• Add support for Node 17 (@​nschonni)

Dependencies

• Bump eslint from 7.32.0 to 8.0.0 (@​nschonni, #​3191)
• Bump fs-extra from 0.30.0 to 10.0.0 (@​nschonni, #​3102)
• Bump npmlog from 4.1.2 to 5.0.0 (@​nschonni, #​3156)
• Bump chalk from 1.1.3 to 4.1.2 (@​nschonni, #​3161)

Community

• Remove double word "support" from documentation (@​pzrq, #​3159)

Misc

• Bump various GitHub Actions dependencies (@​nschonni)

Supported Environments

OS	Architecture	Node
Windows	x86 & x64	12, 14, 16, 17
OSX	x64	12, 14, 16, 17
Linux*	x64	12, 14, 16, 17
Alpine Linux	x64	12, 14, 16, 17
FreeBSD	i386 amd64	12, 14

*Linux support refers to major distributions like Ubuntu, and Debian

v6.0.1

Compare Source

Dependencies

• Remove mkdirp (@​jimmywarting, #​3108)
• Bump meow to 9.0.0 (@​ykolbin, #​3125)
• Bump mocha to 9.0.1 (@​xzyfer, #​3134)

Misc

• Use default Apline version from docker-node (@​nschonni, #​3121)

Supported Environments

OS	Architecture	Node
Windows	x86 & x64	12, 14, 15, 16
OSX	x64	12, 14, 15, 16
Linux*	x64	12, 14, 15, 16
Alpine Linux	x64	12, 14, 15, 16
FreeBSD	i386 amd64	12, 14, 15

*Linux support refers to major distributions like Ubuntu, and Debian

v6.0.0

Compare Source

Breaking changes

• Drop support for Node 10 (@​nschonni)
• Remove deprecated process.sass API (@​xzyfer, #​2986)

Features

• Add support for Node 16

Community

• Fix typos in Troubleshooting guide (@​independencyinjection, #​3051)
• Improve dependabot configuration (@​nschonni)

Supported Environments

OS	Architecture	Node
Windows	x86 & x64	12, 14, 15, 16
OSX	x64	12, 14, 15, 16
Linux*	x64	12, 14, 15, 16
Alpine Linux	x64	12, 14, 15, 16
FreeBSD	i386 amd64	12, 14, 15

*Linux support refers to major distributions like Ubuntu, and Debian

v5.0.0

Compare Source

Breaking changes

• Only support LTS and current Node versions (@​nschonni)
• Remove deprecated process.sass API (@​xzyfer, #​2986)

Features

• Add support for Node 15
• New node-gyp version that supports building with Python 3

Community

• More inclusive documentation (@​rgeerts, #​2944)
• Enabled dependabot (@​nschonni)
• Improve release automation (@​nschonni)

Fixes

• Bumped many dependencies (@​nschonni)

Supported Environments

OS	Architecture	Node
Windows	x86 & x64	10, 12, 14, 15
OSX	x64	10, 12, 14, 15
Linux*	x64	10, 12, 14, 15
Alpine Linux	x64	10, 12, 14, 15
FreeBSD	i386 amd64	10, 12, 14, 15

*Linux support refers to major distributions like Ubuntu, and Debian

---

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Renovate Bot.

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud