node-sass
Advanced tools
Comparing version 6.0.1 to 7.0.0
@@ -84,2 +84,3 @@ /*! | ||
case 93: return 'Node.js 16.x'; | ||
case 102: return 'Node.js 17.x'; | ||
default: return false; | ||
@@ -86,0 +87,0 @@ } |
{ | ||
"name": "node-sass", | ||
"version": "6.0.1", | ||
"version": "7.0.0", | ||
"libsass": "3.5.5", | ||
@@ -57,3 +57,3 @@ "description": "Wrapper around libsass", | ||
"async-foreach": "^0.1.3", | ||
"chalk": "^1.1.1", | ||
"chalk": "^4.1.2", | ||
"cross-spawn": "^7.0.3", | ||
@@ -67,3 +67,3 @@ "gaze": "^1.0.0", | ||
"node-gyp": "^7.1.0", | ||
"npmlog": "^4.0.0", | ||
"npmlog": "^5.0.0", | ||
"request": "^2.88.0", | ||
@@ -75,4 +75,4 @@ "sass-graph": "2.2.5", | ||
"devDependencies": { | ||
"eslint": "^7.10.0", | ||
"fs-extra": "^0.30.0", | ||
"eslint": "^8.0.0", | ||
"fs-extra": "^10.0.0", | ||
"mocha": "^9.0.1", | ||
@@ -79,0 +79,0 @@ "nyc": "^15.1.0", |
@@ -16,8 +16,9 @@ # node-sass | ||
Below is a quick guide for minimum and maximum support supported version of node-sass: | ||
Below is a quick guide for minimum and maximum supported versions of node-sass: | ||
NodeJS | Supported node-sass version | Node Module | ||
--------|-----------------------------|------------ | ||
Node 17 | 7.0+ | 102 | ||
Node 16 | 6.0+ | 93 | ||
Node 15 | 5.0+ | 88 | ||
Node 15 | 5.0+, <7.0 | 88 | ||
Node 14 | 4.14+ | 83 | ||
@@ -599,8 +600,9 @@ Node 13 | 4.13+, <5.0 | 79 | ||
Variable name | .npmrc parameter | Process argument | Value | ||
-----------------|------------------|--------------------|------ | ||
SASS_BINARY_NAME | sass_binary_name | --sass-binary-name | path | ||
SASS_BINARY_SITE | sass_binary_site | --sass-binary-site | URL | ||
SASS_BINARY_PATH | sass_binary_path | --sass-binary-path | path | ||
SASS_BINARY_DIR | sass_binary_dir | --sass-binary-dir | path | ||
Variable name | .npmrc parameter | Process argument | Value | ||
-------------------------|--------------------------|----------------------------|------ | ||
SASS_BINARY_NAME | sass_binary_name | --sass-binary-name | path | ||
SASS_BINARY_SITE | sass_binary_site | --sass-binary-site | URL | ||
SASS_BINARY_PATH | sass_binary_path | --sass-binary-path | path | ||
SASS_BINARY_DIR | sass_binary_dir | --sass-binary-dir | path | ||
SASS_REJECT_UNAUTHORIZED | sass_reject_unauthorized | --sass-reject-unauthorized | value | ||
@@ -619,2 +621,4 @@ These parameters can be used as environment variable: | ||
If you are using self-signed certificates for your binary then `SASS_REJECT_UNAUTHORIZED` will override (rejectUnauthorized)[https://nodejs.org/docs/latest/api/tls.html#tls_tls_createserver_options_secureconnectionlistener]. | ||
## Post-install Build | ||
@@ -621,0 +625,0 @@ |
var proxy = require('./proxy'), | ||
userAgent = require('./useragent'); | ||
userAgent = require('./useragent'), | ||
rejectUnauthorized = require('./rejectUnauthorized'); | ||
@@ -17,3 +18,3 @@ /** | ||
var options = { | ||
rejectUnauthorized: false, | ||
rejectUnauthorized: rejectUnauthorized(), | ||
timeout: 60000, | ||
@@ -20,0 +21,0 @@ headers: { |
@@ -11,3 +11,3 @@ var assert = require('assert').strict, | ||
var expected = { | ||
rejectUnauthorized: false, | ||
rejectUnauthorized: true, | ||
timeout: 60000, | ||
@@ -37,3 +37,3 @@ headers: { | ||
var expected = { | ||
rejectUnauthorized: false, | ||
rejectUnauthorized: true, | ||
proxy: proxy, | ||
@@ -64,2 +64,21 @@ timeout: 60000, | ||
var expected = { | ||
rejectUnauthorized: true, | ||
timeout: 60000, | ||
headers: { | ||
'User-Agent': ua(), | ||
}, | ||
encoding: null, | ||
}; | ||
assert.deepStrictEqual(opts(), expected); | ||
}); | ||
}); | ||
describe('with SASS_REJECT_UNAUTHORIZED set to false', function() { | ||
beforeEach(function() { | ||
process.env.SASS_REJECT_UNAUTHORIZED = '0'; | ||
}); | ||
it('should look as we expect', function() { | ||
var expected = { | ||
rejectUnauthorized: false, | ||
@@ -76,3 +95,45 @@ timeout: 60000, | ||
}); | ||
describe('with SASS_REJECT_UNAUTHORIZED set to true', function() { | ||
beforeEach(function() { | ||
process.env.SASS_REJECT_UNAUTHORIZED = '1'; | ||
}); | ||
it('should look as we expect', function() { | ||
var expected = { | ||
rejectUnauthorized: true, | ||
timeout: 60000, | ||
headers: { | ||
'User-Agent': ua(), | ||
}, | ||
encoding: null, | ||
}; | ||
assert.deepStrictEqual(opts(), expected); | ||
}); | ||
}); | ||
describe('with npm_config_sass_reject_unauthorized set to true', function() { | ||
beforeEach(function() { | ||
process.env.npm_config_sass_reject_unauthorized = true; | ||
}); | ||
it('should look as we expect', function() { | ||
var expected = { | ||
rejectUnauthorized: true, | ||
timeout: 60000, | ||
headers: { | ||
'User-Agent': ua(), | ||
}, | ||
encoding: null, | ||
}; | ||
assert.deepStrictEqual(opts(), expected); | ||
}); | ||
afterEach(function() { | ||
process.env.npm_config_sass_reject_unauthorized = undefined; | ||
}); | ||
}); | ||
}); | ||
}); |
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 2 instances in 1 package
4651949
340
5725
651
108
+ Addedansi-regex@5.0.1(transitive)
+ Addedansi-styles@4.3.0(transitive)
+ Addedare-we-there-yet@2.0.0(transitive)
+ Addedchalk@4.1.2(transitive)
+ Addedcolor-convert@2.0.1(transitive)
+ Addedcolor-name@1.1.4(transitive)
+ Addedcolor-support@1.1.3(transitive)
+ Addedemoji-regex@8.0.0(transitive)
+ Addedgauge@3.0.2(transitive)
+ Addedhas-flag@4.0.0(transitive)
+ Addedis-fullwidth-code-point@3.0.0(transitive)
+ Addednpmlog@5.0.1(transitive)
+ Addedreadable-stream@3.6.2(transitive)
+ Addedsafe-buffer@5.2.1(transitive)
+ Addedstring-width@4.2.3(transitive)
+ Addedstring_decoder@1.3.0(transitive)
+ Addedstrip-ansi@6.0.1(transitive)
+ Addedsupports-color@7.2.0(transitive)
- Removedansi-styles@2.2.1(transitive)
- Removedchalk@1.1.3(transitive)
- Removedhas-ansi@2.0.0(transitive)
- Removedsupports-color@2.0.0(transitive)
Updatedchalk@^4.1.2
Updatednpmlog@^5.0.0