node-sass
Advanced tools
Comparing version 7.0.2 to 7.0.3
@@ -8,3 +8,3 @@ /*! | ||
path = require('path'), | ||
trueCasePathSync = require('true-case-path').trueCasePathSync, | ||
trueCasePathSync = require('true-case-path'), | ||
pkg = require('../package.json'), | ||
@@ -11,0 +11,0 @@ defaultBinaryDir = path.join(__dirname, '..', 'vendor'); |
{ | ||
"name": "node-sass", | ||
"version": "7.0.2", | ||
"version": "7.0.3", | ||
"libsass": "3.5.5", | ||
@@ -19,3 +19,3 @@ "description": "Wrapper around libsass", | ||
"engines": { | ||
"node": ">=14" | ||
"node": ">=12" | ||
}, | ||
@@ -64,9 +64,10 @@ "main": "lib/index.js", | ||
"lodash": "^4.17.15", | ||
"make-fetch-happen": "^10.0.4", | ||
"meow": "^9.0.0", | ||
"nan": "^2.13.2", | ||
"node-gyp": "^9.0.0", | ||
"node-gyp": "^8.4.1", | ||
"npmlog": "^5.0.0", | ||
"request": "^2.88.0", | ||
"sass-graph": "^4.0.1", | ||
"stdout-stream": "^1.4.0", | ||
"true-case-path": "^2.2.1" | ||
"true-case-path": "^1.0.2" | ||
}, | ||
@@ -73,0 +74,0 @@ "devDependencies": { |
@@ -22,6 +22,6 @@ # node-sass | ||
Node 16 | 6.0+ | 93 | ||
Node 15 | 5.0+, <7.0 | 88 | ||
Node 15 | 5.0+, <7.0 | 88 | ||
Node 14 | 4.14+ | 83 | ||
Node 13 | 4.13+, <5.0 | 79 | ||
Node 12 | 4.12+, <8.0 | 72 | ||
Node 12 | 4.12+ | 72 | ||
Node 11 | 4.10+, <5.0 | 67 | ||
@@ -82,3 +82,3 @@ Node 10 | 4.9+, <6.0 | 64 | ||
```shell | ||
npm install -g mirror-config-china --registry=https://registry.npmmirror.com | ||
npm install -g mirror-config-china --registry=http://registry.npm.taobao.org | ||
npm install node-sass | ||
@@ -496,3 +496,3 @@ ``` | ||
[@10xLaCroixDrinker](https://github.com/10xLaCroixDrinker) wrote a [DocPad](http://docpad.org/) plugin that compiles `.scss` files using node-sass: <https://github.com/docpad/docpad-plugin-nodesass> | ||
[@10xLaCroixDrinker](https://github.com/10xLaCroixDrinker) wrote a [DocPad](http://docpad.org/) plugin that compiles `.scss` files using node-sass: <https://github.com/10xLaCroixDrinker/docpad-plugin-nodesass> | ||
@@ -499,0 +499,0 @@ ### Duo.js extension |
@@ -8,3 +8,4 @@ /*! | ||
path = require('path'), | ||
fetch = require('make-fetch-happen'), | ||
request = require('request'), | ||
log = require('npmlog'), | ||
sass = require('../lib/extensions'), | ||
@@ -24,4 +25,17 @@ downloadOptions = require('./util/downloadoptions'); | ||
var reportError = function(err) { | ||
var timeoutMessge; | ||
if (err.code === 'ETIMEDOUT') { | ||
if (err.connect === true) { | ||
// timeout is hit while your client is attempting to establish a connection to a remote machine | ||
timeoutMessge = 'Timed out attemping to establish a remote connection'; | ||
} else { | ||
timeoutMessge = 'Timed out whilst downloading the prebuilt binary'; | ||
// occurs any time the server is too slow to send back a part of the response | ||
} | ||
} | ||
cb(['Cannot download "', url, '": ', eol, eol, | ||
typeof err.message === 'string' ? err.message : err, eol, eol, | ||
timeoutMessge ? timeoutMessge + eol + eol : timeoutMessge, | ||
'Hint: If github.com is not accessible in your location', eol, | ||
@@ -35,3 +49,3 @@ ' try setting a proxy via HTTP_PROXY, e.g. ', eol, eol, | ||
var successful = function(response) { | ||
return response.status >= 200 && response.status < 300; | ||
return response.statusCode >= 200 && response.statusCode < 300; | ||
}; | ||
@@ -42,12 +56,35 @@ | ||
try { | ||
fetch(url, downloadOptions()).then(function (response) { | ||
fs.createWriteStream(dest).on('error', cb).end(response.data, cb); | ||
console.log('Download complete'); | ||
}).catch(function(err) { | ||
if(!successful(err)) { | ||
reportError(['HTTP error', err.code, err.message].join(' ')); | ||
request(url, downloadOptions(), function(err, response, buffer) { | ||
if (err) { | ||
reportError(err); | ||
} else if (!successful(response)) { | ||
reportError(['HTTP error', response.statusCode, response.statusMessage].join(' ')); | ||
} else { | ||
reportError(err); | ||
console.log('Download complete'); | ||
if (successful(response)) { | ||
fs.createWriteStream(dest) | ||
.on('error', cb) | ||
.end(buffer, cb); | ||
} else { | ||
cb(); | ||
} | ||
} | ||
}); | ||
}) | ||
.on('response', function(response) { | ||
var length = parseInt(response.headers['content-length'], 10); | ||
var progress = log.newItem('', length); | ||
// The `progress` is true by default. However if it has not | ||
// been explicitly set it's `undefined` which is considered | ||
// as far as npm is concerned. | ||
if (process.env.npm_config_progress === 'true') { | ||
log.enableProgress(); | ||
response.on('data', function(chunk) { | ||
progress.completeWork(chunk.length); | ||
}) | ||
.on('end', progress.finish); | ||
} | ||
}); | ||
} catch (err) { | ||
@@ -54,0 +91,0 @@ cb(err); |
@@ -6,5 +6,10 @@ var proxy = require('./proxy'), | ||
/** | ||
* The options passed to make-fetch-happen when downloading the binary | ||
* The options passed to request when downloading the bibary | ||
* | ||
* @return {Object} an options object for make-fetch-happen | ||
* There some nuance to how request handles options. Specifically | ||
* we've been caught by their usage of `hasOwnProperty` rather than | ||
* falsey checks. By moving the options generation into a util helper | ||
* we can test for regressions. | ||
* | ||
* @return {Object} an options object for request | ||
* @api private | ||
@@ -14,3 +19,3 @@ */ | ||
var options = { | ||
strictSSL: rejectUnauthorized(), | ||
rejectUnauthorized: rejectUnauthorized(), | ||
timeout: 60000, | ||
@@ -20,2 +25,3 @@ headers: { | ||
}, | ||
encoding: null, | ||
}; | ||
@@ -22,0 +28,0 @@ |
@@ -11,3 +11,3 @@ var assert = require('assert').strict, | ||
var expected = { | ||
strictSSL: true, | ||
rejectUnauthorized: true, | ||
timeout: 60000, | ||
@@ -17,2 +17,3 @@ headers: { | ||
}, | ||
encoding: null, | ||
}; | ||
@@ -37,3 +38,3 @@ | ||
var expected = { | ||
strictSSL: true, | ||
rejectUnauthorized: true, | ||
proxy: proxy, | ||
@@ -44,2 +45,3 @@ timeout: 60000, | ||
}, | ||
encoding: null, | ||
}; | ||
@@ -64,3 +66,3 @@ | ||
var expected = { | ||
strictSSL: true, | ||
rejectUnauthorized: true, | ||
timeout: 60000, | ||
@@ -70,2 +72,3 @@ headers: { | ||
}, | ||
encoding: null, | ||
}; | ||
@@ -84,3 +87,3 @@ | ||
var expected = { | ||
strictSSL: false, | ||
rejectUnauthorized: false, | ||
timeout: 60000, | ||
@@ -90,2 +93,3 @@ headers: { | ||
}, | ||
encoding: null, | ||
}; | ||
@@ -104,3 +108,3 @@ | ||
var expected = { | ||
strictSSL: true, | ||
rejectUnauthorized: true, | ||
timeout: 60000, | ||
@@ -110,2 +114,3 @@ headers: { | ||
}, | ||
encoding: null, | ||
}; | ||
@@ -124,3 +129,3 @@ | ||
var expected = { | ||
strictSSL: true, | ||
rejectUnauthorized: true, | ||
timeout: 60000, | ||
@@ -130,2 +135,3 @@ headers: { | ||
}, | ||
encoding: null, | ||
}; | ||
@@ -132,0 +138,0 @@ |
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
Network access
Supply chain riskThis module accesses the network.
Found 1 instance in 1 package
5725
1
4640242
15
337
108
+ Addednpmlog@^5.0.0
+ Addedrequest@^2.88.0
+ Added@npmcli/fs@1.1.1(transitive)
+ Added@npmcli/move-file@1.1.2(transitive)
+ Added@tootallnate/once@1.1.2(transitive)
+ Addedajv@6.12.6(transitive)
+ Addedare-we-there-yet@2.0.0(transitive)
+ Addedasn1@0.2.6(transitive)
+ Addedassert-plus@1.0.0(transitive)
+ Addedasynckit@0.4.0(transitive)
+ Addedaws-sign2@0.7.0(transitive)
+ Addedaws4@1.12.0(transitive)
+ Addedbcrypt-pbkdf@1.0.2(transitive)
+ Addedcacache@15.3.0(transitive)
+ Addedcaseless@0.12.0(transitive)
+ Addedcombined-stream@1.0.8(transitive)
+ Addedcore-util-is@1.0.2(transitive)
+ Addeddashdash@1.14.1(transitive)
+ Addeddelayed-stream@1.0.0(transitive)
+ Addedecc-jsbn@0.1.2(transitive)
+ Addedextend@3.0.2(transitive)
+ Addedextsprintf@1.3.0(transitive)
+ Addedfast-deep-equal@3.1.3(transitive)
+ Addedfast-json-stable-stringify@2.1.0(transitive)
+ Addedforever-agent@0.6.1(transitive)
+ Addedform-data@2.3.3(transitive)
+ Addedgauge@3.0.2(transitive)
+ Addedgetpass@0.1.7(transitive)
+ Addedhar-schema@2.0.0(transitive)
+ Addedhar-validator@5.1.5(transitive)
+ Addedhttp-proxy-agent@4.0.1(transitive)
+ Addedhttp-signature@1.2.0(transitive)
+ Addedis-typedarray@1.0.0(transitive)
+ Addedisstream@0.1.2(transitive)
+ Addedjsbn@0.1.1(transitive)
+ Addedjson-schema@0.4.0(transitive)
+ Addedjson-schema-traverse@0.4.1(transitive)
+ Addedjson-stringify-safe@5.0.1(transitive)
+ Addedjsprim@1.4.2(transitive)
+ Addedmake-fetch-happen@9.1.0(transitive)
+ Addedmime-db@1.52.0(transitive)
+ Addedmime-types@2.1.35(transitive)
+ Addedminipass-fetch@1.4.1(transitive)
+ Addednode-gyp@8.4.1(transitive)
+ Addednopt@5.0.0(transitive)
+ Addednpmlog@5.0.1(transitive)
+ Addedoauth-sign@0.9.0(transitive)
+ Addedobject-assign@4.1.1(transitive)
+ Addedperformance-now@2.1.0(transitive)
+ Addedpsl@1.9.0(transitive)
+ Addedpunycode@2.3.1(transitive)
+ Addedqs@6.5.3(transitive)
+ Addedrequest@2.88.2(transitive)
+ Addedsocks-proxy-agent@6.2.1(transitive)
+ Addedsshpk@1.18.0(transitive)
+ Addedssri@8.0.1(transitive)
+ Addedtough-cookie@2.5.0(transitive)
+ Addedtrue-case-path@1.0.3(transitive)
+ Addedtunnel-agent@0.6.0(transitive)
+ Addedtweetnacl@0.14.5(transitive)
+ Addedunique-filename@1.1.1(transitive)
+ Addedunique-slug@2.0.2(transitive)
+ Addeduri-js@4.4.1(transitive)
+ Addeduuid@3.4.0(transitive)
+ Addedverror@1.10.0(transitive)
- Removedmake-fetch-happen@^10.0.4
- Removed@npmcli/fs@2.1.2(transitive)
- Removed@npmcli/move-file@2.0.1(transitive)
- Removed@tootallnate/once@2.0.0(transitive)
- Removedbrace-expansion@2.0.1(transitive)
- Removedcacache@16.1.3(transitive)
- Removedexponential-backoff@3.1.1(transitive)
- Removedglob@8.1.0(transitive)
- Removedhttp-proxy-agent@5.0.0(transitive)
- Removedlru-cache@7.18.3(transitive)
- Removedmake-fetch-happen@10.2.1(transitive)
- Removedminimatch@5.1.6(transitive)
- Removedminipass-fetch@2.1.2(transitive)
- Removednode-gyp@9.4.1(transitive)
- Removednopt@6.0.0(transitive)
- Removedsocks-proxy-agent@7.0.0(transitive)
- Removedssri@9.0.1(transitive)
- Removedtrue-case-path@2.2.1(transitive)
- Removedunique-filename@2.0.1(transitive)
- Removedunique-slug@3.0.0(transitive)
Updatednode-gyp@^8.4.1
Updatedtrue-case-path@^1.0.2