[Snyk] Upgrade sass from 1.32.12 to 1.64.1 #1270
Open
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to upgrade sass from 1.32.12 to 1.64.1.
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
The recommended version fixes:
SNYK-JS-LODASHSET-1320032
Why? Proof of Concept exploit, CVSS 7.3
SNYK-JS-ASYNC-2441827
Why? Proof of Concept exploit, CVSS 7.3
SNYK-JS-ASYNC-2441827
Why? Proof of Concept exploit, CVSS 7.3
SNYK-JS-AXIOS-1579269
Why? Proof of Concept exploit, CVSS 7.3
SNYK-JS-JSONSCHEMA-1920922
Why? Proof of Concept exploit, CVSS 7.3
SNYK-JS-TAR-1536528
Why? Proof of Concept exploit, CVSS 7.3
SNYK-JS-TAR-1536531
Why? Proof of Concept exploit, CVSS 7.3
SNYK-JS-TAR-1579147
Why? Proof of Concept exploit, CVSS 7.3
SNYK-JS-TAR-1579152
Why? Proof of Concept exploit, CVSS 7.3
SNYK-JS-TAR-1579155
Why? Proof of Concept exploit, CVSS 7.3
SNYK-JS-SSH2-1656673
Why? Proof of Concept exploit, CVSS 7.3
SNYK-JS-QS-3153490
Why? Proof of Concept exploit, CVSS 7.3
SNYK-JS-QS-3153490
Why? Proof of Concept exploit, CVSS 7.3
SNYK-JS-QS-3153490
Why? Proof of Concept exploit, CVSS 7.3
SNYK-JS-MONGOOSE-2961688
Why? Proof of Concept exploit, CVSS 7.3
SNYK-JS-MONGOOSE-5777721
Why? Proof of Concept exploit, CVSS 7.3
SNYK-JS-NORMALIZEURL-1296539
Why? Proof of Concept exploit, CVSS 7.3
SNYK-JS-PARSELINKHEADER-1582783
Why? Proof of Concept exploit, CVSS 7.3
SNYK-JS-SNYK-3111871
Why? Proof of Concept exploit, CVSS 7.3
SNYK-JS-FOLLOWREDIRECTS-2332181
Why? Proof of Concept exploit, CVSS 7.3
SNYK-JS-GOT-2932019
Why? Proof of Concept exploit, CVSS 7.3
SNYK-JS-JSZIP-1251497
Why? Proof of Concept exploit, CVSS 7.3
SNYK-JS-GOT-2932019
Why? Proof of Concept exploit, CVSS 7.3
SNYK-JS-HTTPCACHESEMANTICS-3248783
Why? Proof of Concept exploit, CVSS 7.3
SNYK-JS-COOKIEJAR-3149984
Why? Proof of Concept exploit, CVSS 7.3
SNYK-JS-ISSVG-1085627
Why? Proof of Concept exploit, CVSS 7.3
SNYK-JS-ISSVG-1243891
Why? Proof of Concept exploit, CVSS 7.3
SNYK-JS-JSON5-3182856
Why? Proof of Concept exploit, CVSS 7.3
SNYK-JS-JSZIP-3188562
Why? Proof of Concept exploit, CVSS 7.3
SNYK-JS-JSZIP-1251497
Why? Proof of Concept exploit, CVSS 7.3
SNYK-JS-JSZIP-3188562
Why? Proof of Concept exploit, CVSS 7.3
SNYK-JS-SNYKDOCKERPLUGIN-3039679
Why? Proof of Concept exploit, CVSS 7.3
SNYK-JS-SNYKGOPLUGIN-3037316
Why? Proof of Concept exploit, CVSS 7.3
SNYK-JS-VALIDATOR-1090599
Why? Proof of Concept exploit, CVSS 7.3
SNYK-JS-VALIDATOR-1090600
Why? Proof of Concept exploit, CVSS 7.3
SNYK-JS-VALIDATOR-1090601
Why? Proof of Concept exploit, CVSS 7.3
SNYK-JS-VALIDATOR-1090602
Why? Proof of Concept exploit, CVSS 7.3
SNYK-JS-XML2JS-5414874
Why? Proof of Concept exploit, CVSS 7.3
SNYK-JS-XML2JS-5414874
Why? Proof of Concept exploit, CVSS 7.3
SNYK-JS-SNYKGRADLEPLUGIN-3038624
Why? Proof of Concept exploit, CVSS 7.3
SNYK-JS-SNYKMVNPLUGIN-3038623
Why? Proof of Concept exploit, CVSS 7.3
SNYK-JS-MINIMATCH-3050818
Why? Proof of Concept exploit, CVSS 7.3
SNYK-JS-SNYKPYTHONPLUGIN-3039677
Why? Proof of Concept exploit, CVSS 7.3
SNYK-JS-SNYKSBTPLUGIN-3038626
Why? Proof of Concept exploit, CVSS 7.3
SNYK-JS-SNYKSNYKCOCOAPODSPLUGIN-3038625
Why? Proof of Concept exploit, CVSS 7.3
SNYK-JS-SNYKSNYKHEXPLUGIN-3039680
Why? Proof of Concept exploit, CVSS 7.3
SNYK-JS-SNYK-3037342
Why? Proof of Concept exploit, CVSS 7.3
SNYK-JS-SNYK-3038622
Why? Proof of Concept exploit, CVSS 7.3
SNYK-JS-MPATH-1577289
Why? Proof of Concept exploit, CVSS 7.3
SNYK-JS-NODEMAILER-1296415
Why? Proof of Concept exploit, CVSS 7.3
SNYK-JS-FOLLOWREDIRECTS-2396346
Why? Proof of Concept exploit, CVSS 7.3
SNYK-JS-TAR-1536758
Why? Proof of Concept exploit, CVSS 7.3
(*) Note that the real score may have changed since the PR was raised.
Release notes
Package name: sass
To install Sass 1.64.1, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.
Changes
Embedded Sass
SassCalculation.clamp()
with less than 3 arguments would throw an error.See the full changelog for changes in earlier releases.
To install Sass 1.64.0, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.
Changes
Comments that appear before or between
@ use
and@ forward
rules are now emitted in source order as much as possible, instead of always being emitted after the CSS of all module dependencies.Fix a bug where an interpolation in a custom property name crashed if the file was loaded by a
@ use
nested in an@ import
.JavaScript API
Add a new
SassCalculation
type that represents the calculation objects added in Dart Sass 1.40.0.Add
Value.assertCalculation()
, which returns the value if it's aSassCalculation
and throws an error otherwise.Produce a better error message when an environment that supports some Node.js APIs loads the browser entrypoint but attempts to access the filesystem.
Embedded Sass
@ imports
failed to load when using the deprecated functionsrender
orrenderSync
and those relative imports were loaded multiple times across different files.See the full changelog for changes in earlier releases.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:
🧐 View latest project report
🛠 Adjust upgrade PR settings
🔕 Ignore this dependency or unsubscribe from future upgrade PRs