[Snyk] Upgrade node-sass from 4.8.3 to 4.13.1

[snyk-bot]

Snyk has created this PR to upgrade node-sass from 4.8.3 to 4.13.1.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 10 versions ahead of your current version.
• The recommended version was released a month ago, on 2020-01-16.

The recommended version fixes:

Severity	Issue	Exploit Maturity
	Prototype Override Protection Bypass npm:qs:20170213	No Known Exploit
	Arbitrary File Overwrite SNYK-JS-TAR-174125	No Known Exploit
	Prototype Pollution SNYK-JS-LODASHMERGEWITH-174136	No Known Exploit
	Arbitrary File Overwrite SNYK-JS-FSTREAM-174725	No Known Exploit
	Remote Memory Exposure npm:request:20160119	No Known Exploit
	Timing Attack npm:http-signature:20150122	No Known Exploit
	Regular Expression Denial of Service (ReDoS) npm:mime:20170907	No Known Exploit
	Regular Expression Denial of Service (DoS) npm:hawk:20160119	No Known Exploit

Release notes

Package name: node-sass

• 4.13.1 - 2020-01-16
  

  Community

  • Fix render example syntax (@ZoranPandovski , #2787)
  • Fix sourceMap option inconsistencies (@saper , #2394)
  • Fix possible crash in customer importer (@xzyfer, #2816)

  Supported Environments

  OS	Architecture	Node
  Windows	x86 & x64	0.10, 0.12, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13
  OSX	x64	0.10, 0.12, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13
  Linux*	x86 & x64	0.10, 0.12, 1, 2, 3, 4, 5, 6, 7, 8**, 9**, 10**^, 11**^, 12**^, 13**^
  Alpine Linux	x64	6, 8, 10, 11, 12, 13
  FreeBSD	i386 amd64	6, 8, 10, 12, 13

  *Linux support refers to Ubuntu, Debian, and CentOS 5+
  ** Not available on CentOS 5
  ^ Only available on x64

• 4.13.0 - 2019-10-24
  

  Features

  • Node 13 support (@saper, #2766 #2767)

  Community

  • Fix broken link to NodeJS docs in README.md (@schwigri, #2753)
  • Assorted typo fixes (@XhmikosR , #2726)
  • Remove PR template (@nschonni)
  • Remove sudo settings from .travis.yml (@abetomo, #2673)
  • Add note in PR template about node-gyp 4.0 (@nschonni)
  • Change note about Node 12 support (@nschonni)

  Dependencies

  • lodash@^4.17.15 (@kessenich, #2574)

  Supported Environments

  OS	Architecture	Node
  Windows	x86 & x64	0.10, 0.12, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13
  OSX	x64	0.10, 0.12, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13
  Linux*	x86 & x64	0.10, 0.12, 1, 2, 3, 4, 5, 6, 7, 8**, 9**, 10**^, 11**^, 12**^, 13**^
  Alpine Linux	x64	6, 8, 10, 11, 12, 13
  FreeBSD	i386 amd64	6, 8, 10, 12, 13

  *Linux support refers to Ubuntu, Debian, and CentOS 5+
  ** Not available on CentOS 5
  ^ Only available on x64

• 4.12.0 - 2019-04-27
  

  Features

  • Node 12 support (@xzyfer, #2632)

  Community

  • Convert all documentation links to HTTPS (@asottile, #2608)
  • Remove out dated documentation (@DerZyklop, #2590)
  • Remove @adamyeats from maintainers list (@adamyeats, #2576)
  • Update troubleshooting documentation (@nschonni, #2454)
  • Clearly document Node version support in README (@nschonni, #2383)

  Dependencies

  • nan@^2.13.2 (@xzyfer, #2632)
  • lodash@4.17.11 (@cheesestringer, #2574)

  Supported Environments

  OS	Architecture	Node
  Windows	x86 & x64	0.10, 0.12, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12
  OSX	x64	0.10, 0.12, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12
  Linux*	x86 & x64	0.10, 0.12, 1, 2, 3, 4, 5, 6, 7, 8**, 9**, 10**^, 11**^, 12**^
  Alpine Linux	x64	6, 8, 10, 11, 12
  FreeBSD	i386 amd64	8, 10, 12

  *Linux support refers to Ubuntu, Debian, and CentOS 5+
  ** Not available on CentOS 5
  ^ Only available on x64

• 4.11.0 - 2018-11-15
  

  LibSass 3.5.5

  This released updates LibSass to 3.5.5. This update brings

  • Stability fixes
  • Removes noisey deprecation warning for @import'ing .css files
  • Support hex colors with alpha channels

  Features

  • Update LibSass to 3.5.5 (@xzyfer, #2543)

  Fixes

  • Revert change that introduced a noisey deprecation warning (@xzyfer, #2362)

  Supported Environments

  OS	Architecture	Node
  Windows	x86 & x64	0.10, 0.12, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11
  OSX	x64	0.10, 0.12, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11
  Linux*	x86 & x64	0.10, 0.12, 1, 2, 3, 4, 5, 6, 7, 8**, 9**, 10**^, 11**
  Alpine Linux	x64	6, 8, 10, 11

  *Linux support refers to Ubuntu, Debian, and CentOS 5+
  ** Not available on CentOS 5
  ^ Only available on x64

• 4.10.0 - 2018-11-04
  

  Features

  • Add Node 11 support (@xzyfer, #2521)

  Supported Environments

  OS	Architecture	Node
  Windows	x86 & x64	0.10, 0.12, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11
  OSX	x64	0.10, 0.12, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11
  Linux*	x86 & x64	0.10, 0.12, 1, 2, 3, 4, 5, 6, 7, 8**, 9**, 10**^, 11**
  Alpine Linux	x64	4, 6, 7, 8, 9, 10, 11
  FreeBSD 10+	amd64	4, 6, 8, 9, 10
  FreeBSD 10+	i386	4, 6, 8, 9, 10

  *Linux support refers to Ubuntu, Debian, and CentOS 5+
  ** Not available on CentOS 5
  ^ Only available on x64

• 4.9.4 - 2018-10-15
• 4.9.3 - 2018-08-09
• 4.9.2 - 2018-07-08
• 4.9.1 - 2018-07-05
• 4.9.0 - 2018-04-25
• 4.8.3 - 2018-03-18

from node-sass GitHub release notes

Commit messages

Package name: node-sass

• b54053a Update changelog
• 01db051 4.13.1
• 338fd7a Merge pull request from GHSA-f6rp-gv58-9cw3
• c6f2e5a doc: README example fix (#2787)
• fbc9ff5 Merge pull request #2754 from saper/no-map-if-not-requested
• 60fad5f 4.13.0
• 43db915 Merge pull request #2768 from sass/release-4-13
• 0c8d308 Update references for v4.13 release
• f1cc0d3 Use GCC 6 for Node 12 binaries (#2767)
• 3838eae Use GCC 6 for Node 12 binaries
• e84c6a9 Merge pull request #2766 from saper/node-modules-79
• 64b6f32 Node 13 support
• 8498f70 Fix Bump Newtonsoft.Json from 12.0.2 to 13.0.1 in /src/Merchello.FastTrack.Ui Merchello/Merchello#2394: sourceMap option should have consistent behaviour
• 8d0acca Merge pull request #2753 from schwigri/master
• b0d4d85 Fix broken link to NodeJS docs in README.md
• 887199a Merge pull request #2730 from kessenich/master
• b1f54d7 Fix #2614 - Update lodash version
• 96aa279 Merge pull request #2726 from XhmikosR/master-xmr-typos
• 8421979 Assorted typo fixes.
• 2513e6a chore: Remove PR template
• 7ab387c Merge pull request #2673 from abetomo/remove_sudo_setting_from_travis
• 15355dd Remove sudo settings from .travis.yml
• 0c1a49e chore: Add not in PR template about node-gyp 4.0
• e59f5ba chore: Change note about Node 12 support

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

[//]: # (snyk:metadata:{"dependencies":[{"name":"node-sass","from":"4.8.3","to":"4.13.1"}],"packageManager":"npm","type":"auto","projectUrl":"https://app.snyk.io/org/saurabharch/project/354105fd-73b8-4235-855a-056269d9c0c9?utm_source=github&utm_medium=upgrade-pr","projectPublicId":"354105fd-73b8-4235-855a-056269d9c0c9","env":"prod","prType":"upgrade","vulns":["npm:qs:20170213","SNYK-JS-TAR-174125","SNYK-JS-LODASHMERGEWITH-174136","SNYK-JS-FSTREAM-174725","npm:request:20160119","npm:http-signature:20150122","npm:mime:20170907","npm:hawk:20160119"],"issuesToFix":[{"issueId":"npm:qs:20170213","severity":"high","title":"Prototype Override Protection Bypass","exploitMaturity":"no-known-exploit"},{"issueId":"SNYK-JS-TAR-174125","severity":"high","title":"Arbitrary File Overwrite","exploitMaturity":"no-known-exploit"},{"issueId":"SNYK-JS-LODASHMERGEWITH-174136","severity":"high","title":"Prototype Pollution","exploitMaturity":"no-known-exploit"},{"issueId":"SNYK-JS-FSTREAM-174725","severity":"high","title":"Arbitrary File Overwrite","exploitMaturity":"no-known-exploit"},{"issueId":"npm:request:20160119","severity":"medium","title":"Remote Memory Exposure","exploitMaturity":"no-known-exploit"},{"issueId":"npm:http-signature:20150122","severity":"medium","title":"Timing Attack","exploitMaturity":"no-known-exploit"},{"issueId":"npm:mime:20170907","severity":"low","title":"Regular Expression Denial of Service (ReDoS)","exploitMaturity":"no-known-exploit"},{"issueId":"npm:hawk:20160119","severity":"low","title":"Regular Expression Denial of Service (DoS)","exploitMaturity":"no-known-exploit"}],"upgrade":["npm:qs:20170213","SNYK-JS-TAR-174125","SNYK-JS-LODASHMERGEWITH-174136","SNYK-JS-FSTREAM-174725","npm:request:20160119","npm:http-signature:20150122","npm:mime:20170907","npm:hawk:20160119"],"upgradeInfo":{"versionsDiff":10,"publishedDate":"2020-01-16T12:47:40.307Z"},"templateVariants":[],"hasFixes":true,"isMajorUpgrade":false,"isBreakingChange":false})