Update dev dependency on node-sass to 4.9.3 to mitigate cryptiles vul…

…nerability Dev dependencies contain `gulp-sass` which depends on `node-sass` `node-sass` [`4.9.3` requires `request` `2.87.0`](sass/node-sass#2435) [`request` `2.87.0` removes dependency on `hawk`](request/request#2943) `hawk` depends on `cryptiles` `cryptiles` has the vulnerability https://nvd.nist.gov/vuln/detail/CVE-2018-1000620
gene1wood · Jan 18, 2019 · c404245 · c404245
1 parent 3e212ff
commit c404245
Showing 1 changed file with 1 addition and 0 deletions.
diff --git a/package.json b/package.json
@@ -19,6 +19,7 @@
     "gulp-minify": "^3.0.2",
     "gulp-mustache": "^3.0.1",
     "gulp-sass": "^3.2.1",
+    "node-sass": "^4.9.3",
     "gulp-sourcemaps": "^2.6.4",
     "gulp-uglify": "^3.0.0",
     "gulplog": "^1.0.0",