From 16b8d4b2d731714fd5fdb579183387601a0ef4d6 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 12 Jul 2021 05:01:51 +0000 Subject: [PATCH 01/14] build(deps): bump coverallsapp/github-action from 1.1.2 to 1.1.3 Bumps [coverallsapp/github-action](https://github.com/coverallsapp/github-action) from 1.1.2 to 1.1.3. - [Release notes](https://github.com/coverallsapp/github-action/releases) - [Commits](https://github.com/coverallsapp/github-action/compare/v1.1.2...1.1.3) --- updated-dependencies: - dependency-name: coverallsapp/github-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- .github/workflows/coverage.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/coverage.yml b/.github/workflows/coverage.yml index ccd70311a..67a6ecd14 100644 --- a/.github/workflows/coverage.yml +++ b/.github/workflows/coverage.yml @@ -35,6 +35,6 @@ jobs: run: npm run coverage - name: Coveralls GitHub Action - uses: coverallsapp/github-action@v1.1.2 + uses: coverallsapp/github-action@1.1.3 with: github-token: ${{ secrets.GITHUB_TOKEN }} From eaf791ae356d9416c41cfd42fa1626b146c212ab Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 26 Jul 2021 05:01:52 +0000 Subject: [PATCH 02/14] build(deps): bump actions/setup-node from 2.1.5 to 2.3.0 Bumps [actions/setup-node](https://github.com/actions/setup-node) from 2.1.5 to 2.3.0. - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](https://github.com/actions/setup-node/compare/v2.1.5...v2.3.0) --- updated-dependencies: - dependency-name: actions/setup-node dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/lint-js.yml | 2 +- .github/workflows/linux.yml | 2 +- .github/workflows/macos.yml | 2 +- .github/workflows/windows.yml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/lint-js.yml b/.github/workflows/lint-js.yml index 21b60786b..a6c84b595 100644 --- a/.github/workflows/lint-js.yml +++ b/.github/workflows/lint-js.yml @@ -27,7 +27,7 @@ jobs: steps: - uses: actions/checkout@v2 - - uses: actions/setup-node@v2.1.5 + - uses: actions/setup-node@v2.3.0 - name: Install packages run: npm install --unsafe-perm diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml index f82ae516f..4c22dd33a 100644 --- a/.github/workflows/linux.yml +++ b/.github/workflows/linux.yml @@ -42,7 +42,7 @@ jobs: - uses: actions/checkout@v2 - name: Setup Node.js environment - uses: actions/setup-node@v2.1.5 + uses: actions/setup-node@v2.3.0 with: node-version: ${{ matrix.node }} diff --git a/.github/workflows/macos.yml b/.github/workflows/macos.yml index cadeff24a..f6eff58c3 100644 --- a/.github/workflows/macos.yml +++ b/.github/workflows/macos.yml @@ -23,7 +23,7 @@ jobs: - uses: actions/checkout@v2 - name: Setup Node.js environment - uses: actions/setup-node@v2.1.5 + uses: actions/setup-node@v2.3.0 with: node-version: ${{ matrix.node }} diff --git a/.github/workflows/windows.yml b/.github/workflows/windows.yml index 2d4a8db89..16a00015c 100644 --- a/.github/workflows/windows.yml +++ b/.github/workflows/windows.yml @@ -33,7 +33,7 @@ jobs: - uses: actions/checkout@v2 - name: Setup Node.js environment - uses: actions/setup-node@v2.1.5 + uses: actions/setup-node@v2.3.0 with: node-version: ${{ matrix.node }} From 6200b2139f5327e3c403189daccec66d3de52e13 Mon Sep 17 00:00:00 2001 From: Peter Schmidt Date: Thu, 29 Jul 2021 00:01:06 +1000 Subject: [PATCH 03/14] docs: Double word "support" (#3159) * docs: Fix README.md typo * docs: README.md use plural --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index f19667a70..11f080963 100644 --- a/README.md +++ b/README.md @@ -13,7 +13,7 @@ Projects that still use it should move onto 1. We will stop building binaries for unsupported releases, testing for breakages in dependency compatibility, but we will not block installations for those that want to support themselves. 1. New node release require minor internal changes along with support from CI providers (AppVeyor, GitHub Actions). We will open a single issue for interested parties to subscribe to, and close additional issues. -Below is a quick guide for minimum and maximum support supported version of node-sass: +Below is a quick guide for minimum and maximum supported versions of node-sass: NodeJS | Supported node-sass version | Node Module --------|-----------------------------|------------ From fca52573dd923f6043282ae31537a834cae21692 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 9 Aug 2021 05:01:31 +0000 Subject: [PATCH 04/14] build(deps): bump actions/setup-node from 2.3.0 to 2.4.0 Bumps [actions/setup-node](https://github.com/actions/setup-node) from 2.3.0 to 2.4.0. - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](https://github.com/actions/setup-node/compare/v2.3.0...v2.4.0) --- updated-dependencies: - dependency-name: actions/setup-node dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/lint-js.yml | 2 +- .github/workflows/linux.yml | 2 +- .github/workflows/macos.yml | 2 +- .github/workflows/windows.yml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/lint-js.yml b/.github/workflows/lint-js.yml index a6c84b595..e1d9864f3 100644 --- a/.github/workflows/lint-js.yml +++ b/.github/workflows/lint-js.yml @@ -27,7 +27,7 @@ jobs: steps: - uses: actions/checkout@v2 - - uses: actions/setup-node@v2.3.0 + - uses: actions/setup-node@v2.4.0 - name: Install packages run: npm install --unsafe-perm diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml index 4c22dd33a..44ec2b1de 100644 --- a/.github/workflows/linux.yml +++ b/.github/workflows/linux.yml @@ -42,7 +42,7 @@ jobs: - uses: actions/checkout@v2 - name: Setup Node.js environment - uses: actions/setup-node@v2.3.0 + uses: actions/setup-node@v2.4.0 with: node-version: ${{ matrix.node }} diff --git a/.github/workflows/macos.yml b/.github/workflows/macos.yml index f6eff58c3..205da615c 100644 --- a/.github/workflows/macos.yml +++ b/.github/workflows/macos.yml @@ -23,7 +23,7 @@ jobs: - uses: actions/checkout@v2 - name: Setup Node.js environment - uses: actions/setup-node@v2.3.0 + uses: actions/setup-node@v2.4.0 with: node-version: ${{ matrix.node }} diff --git a/.github/workflows/windows.yml b/.github/workflows/windows.yml index 16a00015c..799ca57df 100644 --- a/.github/workflows/windows.yml +++ b/.github/workflows/windows.yml @@ -33,7 +33,7 @@ jobs: - uses: actions/checkout@v2 - name: Setup Node.js environment - uses: actions/setup-node@v2.3.0 + uses: actions/setup-node@v2.4.0 with: node-version: ${{ matrix.node }} From 2efb38f5d6d159d3d234ef681838998ffc66b151 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 20 Aug 2021 21:19:31 +1000 Subject: [PATCH 05/14] build(deps): bump chalk from 1.1.3 to 4.1.2 (#3161) Bumps [chalk](https://github.com/chalk/chalk) from 1.1.3 to 4.1.2. - [Release notes](https://github.com/chalk/chalk/releases) - [Commits](https://github.com/chalk/chalk/compare/v1.1.3...v4.1.2) --- updated-dependencies: - dependency-name: chalk dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index fa3e86528..bef5f0e5a 100644 --- a/package.json +++ b/package.json @@ -54,7 +54,7 @@ ], "dependencies": { "async-foreach": "^0.1.3", - "chalk": "^1.1.1", + "chalk": "^4.1.2", "cross-spawn": "^7.0.3", "gaze": "^1.0.0", "get-stdin": "^4.0.1", From 7bb51573b6dff3b160a1389cf040eb77086fad22 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 20 Aug 2021 21:20:02 +1000 Subject: [PATCH 06/14] build(deps): bump npmlog from 4.1.2 to 5.0.0 (#3156) Bumps [npmlog](https://github.com/npm/npmlog) from 4.1.2 to 5.0.0. - [Release notes](https://github.com/npm/npmlog/releases) - [Changelog](https://github.com/npm/npmlog/blob/main/CHANGELOG.md) - [Commits](https://github.com/npm/npmlog/compare/v4.1.2...v5.0.0) --- updated-dependencies: - dependency-name: npmlog dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index bef5f0e5a..96d2b5ea6 100644 --- a/package.json +++ b/package.json @@ -63,7 +63,7 @@ "meow": "^9.0.0", "nan": "^2.13.2", "node-gyp": "^7.1.0", - "npmlog": "^4.0.0", + "npmlog": "^5.0.0", "request": "^2.88.0", "sass-graph": "2.2.5", "stdout-stream": "^1.4.0", From 566dc276991bc074eb9243cd205b7e94c2e9d0f7 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 20 Aug 2021 21:21:06 +1000 Subject: [PATCH 07/14] build(deps-dev): bump fs-extra from 0.30.0 to 10.0.0 (#3102) Bumps [fs-extra](https://github.com/jprichardson/node-fs-extra) from 0.30.0 to 10.0.0. - [Release notes](https://github.com/jprichardson/node-fs-extra/releases) - [Changelog](https://github.com/jprichardson/node-fs-extra/blob/master/CHANGELOG.md) - [Commits](https://github.com/jprichardson/node-fs-extra/compare/0.30.0...10.0.0) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index 96d2b5ea6..3a8adde69 100644 --- a/package.json +++ b/package.json @@ -71,7 +71,7 @@ }, "devDependencies": { "eslint": "^7.10.0", - "fs-extra": "^0.30.0", + "fs-extra": "^10.0.0", "mocha": "^9.0.1", "nyc": "^15.1.0", "rimraf": "^3.0.2", From 80d6c004b1b2416424326c12ad047d1c6d9d154e Mon Sep 17 00:00:00 2001 From: Nick Schonning Date: Tue, 24 Aug 2021 22:15:34 -0400 Subject: [PATCH 08/14] chore: Windows x86 on GitHub Actions (#3041) --- .github/workflows/windows.yml | 9 ++++-- appveyor.yml | 58 ----------------------------------- 2 files changed, 7 insertions(+), 60 deletions(-) diff --git a/.github/workflows/windows.yml b/.github/workflows/windows.yml index 799ca57df..f53c4891f 100644 --- a/.github/workflows/windows.yml +++ b/.github/workflows/windows.yml @@ -19,6 +19,10 @@ jobs: - 15 - 16 + architecture: + - x64 + - x86 + include: - node: 12 os: windows-2016 @@ -36,9 +40,10 @@ jobs: uses: actions/setup-node@v2.4.0 with: node-version: ${{ matrix.node }} + architecture: ${{ matrix.architecture }} - name: Install packages - run: npm install --unsafe-perm + run: npm install env: SKIP_SASS_BINARY_DOWNLOAD_FOR_CI: true @@ -48,7 +53,7 @@ jobs: - uses: actions/upload-artifact@v2 if: github.repository_owner == 'sass' && github.event_name != 'pull_request' with: - name: ${{ matrix.node }} + name: ${{ matrix.node }}-${{ matrix.architecture }} path: | vendor/**/binding.node build/Release/binding.pdb diff --git a/appveyor.yml b/appveyor.yml index 540a5f61e..97bd89919 100644 --- a/appveyor.yml +++ b/appveyor.yml @@ -77,61 +77,3 @@ secure: IZIifH990iABY3PQUtkRscTU/NOyYYwptGB6B1y2b618vpphV/2KD/4IWJzSAYAi on: appveyor_repo_tag: true # deploy on tag push only - -- - branches: - except: - - release - - /v\d\.\d\.\d/ - - skip_branch_with_pr: true - skip_tags: true - - os: Visual Studio 2017 - - configuration: testing - - platform: - - x86 - - version: "{build}" - - build: off - - clone_folder: c:\projects\node_modules\node-sass - - init: - - cmd: >- - subst s: c:\projects - - ps: set-location -path s:\node_modules\node-sass - - cache: - - '%userprofile%\.node-gyp' - - '%AppData%\npm-cache' - - environment: - SKIP_SASS_BINARY_DOWNLOAD_FOR_CI: true - matrix: - - nodejs_version: 12 - GYP_MSVS_VERSION: 2017 - APPVEYOR_BUILD_WORKER_IMAGE: Visual Studio 2017 - - nodejs_version: 14 - GYP_MSVS_VERSION: 2017 - APPVEYOR_BUILD_WORKER_IMAGE: Visual Studio 2017 - - nodejs_version: 15 - GYP_MSVS_VERSION: 2019 - APPVEYOR_BUILD_WORKER_IMAGE: Visual Studio 2019 - - nodejs_version: 16 - GYP_MSVS_VERSION: 2019 - APPVEYOR_BUILD_WORKER_IMAGE: Visual Studio 2019 - - install: - # https://www.appveyor.com/docs/lang/nodejs-iojs/#installing-any-version-of-nodejs-or-iojs - - ps: Update-NodeJsInstallation (Get-NodeJsLatestBuild $env:nodejs_version) $env:platform - - node --version - - npm --version - - npm install - - test_script: - - ps: set-location -path c:\projects\node_modules\node-sass - - npm test From bfa1a3c7765158717b0da2a07daa04357c851302 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 4 Oct 2021 05:02:16 +0000 Subject: [PATCH 09/14] build(deps): bump actions/setup-node from 2.4.0 to 2.4.1 Bumps [actions/setup-node](https://github.com/actions/setup-node) from 2.4.0 to 2.4.1. - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](https://github.com/actions/setup-node/compare/v2.4.0...v2.4.1) --- updated-dependencies: - dependency-name: actions/setup-node dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- .github/workflows/lint-js.yml | 2 +- .github/workflows/linux.yml | 2 +- .github/workflows/macos.yml | 2 +- .github/workflows/windows.yml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/lint-js.yml b/.github/workflows/lint-js.yml index e1d9864f3..320af3fee 100644 --- a/.github/workflows/lint-js.yml +++ b/.github/workflows/lint-js.yml @@ -27,7 +27,7 @@ jobs: steps: - uses: actions/checkout@v2 - - uses: actions/setup-node@v2.4.0 + - uses: actions/setup-node@v2.4.1 - name: Install packages run: npm install --unsafe-perm diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml index 44ec2b1de..034f4b05e 100644 --- a/.github/workflows/linux.yml +++ b/.github/workflows/linux.yml @@ -42,7 +42,7 @@ jobs: - uses: actions/checkout@v2 - name: Setup Node.js environment - uses: actions/setup-node@v2.4.0 + uses: actions/setup-node@v2.4.1 with: node-version: ${{ matrix.node }} diff --git a/.github/workflows/macos.yml b/.github/workflows/macos.yml index 205da615c..7adeb9600 100644 --- a/.github/workflows/macos.yml +++ b/.github/workflows/macos.yml @@ -23,7 +23,7 @@ jobs: - uses: actions/checkout@v2 - name: Setup Node.js environment - uses: actions/setup-node@v2.4.0 + uses: actions/setup-node@v2.4.1 with: node-version: ${{ matrix.node }} diff --git a/.github/workflows/windows.yml b/.github/workflows/windows.yml index f53c4891f..b3ff60a32 100644 --- a/.github/workflows/windows.yml +++ b/.github/workflows/windows.yml @@ -37,7 +37,7 @@ jobs: - uses: actions/checkout@v2 - name: Setup Node.js environment - uses: actions/setup-node@v2.4.0 + uses: actions/setup-node@v2.4.1 with: node-version: ${{ matrix.node }} architecture: ${{ matrix.architecture }} From dcf2e75bba4be787970c903072cc5485505a5b41 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 11 Oct 2021 05:02:43 +0000 Subject: [PATCH 10/14] build(deps-dev): bump eslint from 7.32.0 to 8.0.0 Bumps [eslint](https://github.com/eslint/eslint) from 7.32.0 to 8.0.0. - [Release notes](https://github.com/eslint/eslint/releases) - [Changelog](https://github.com/eslint/eslint/blob/master/CHANGELOG.md) - [Commits](https://github.com/eslint/eslint/compare/v7.32.0...v8.0.0) --- updated-dependencies: - dependency-name: eslint dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index 3a8adde69..163b794ee 100644 --- a/package.json +++ b/package.json @@ -70,7 +70,7 @@ "true-case-path": "^1.0.2" }, "devDependencies": { - "eslint": "^7.10.0", + "eslint": "^8.0.0", "fs-extra": "^10.0.0", "mocha": "^9.0.1", "nyc": "^15.1.0", From d7533977a0b5b299203517d962b24d8ece51d7bd Mon Sep 17 00:00:00 2001 From: Nick Schonning Date: Thu, 21 Oct 2021 22:28:38 -0400 Subject: [PATCH 11/14] feat: Add Node 17 support (#3195) * feat: Add Node 17 support * fix: Version range for 17 Co-authored-by: Michael Mifsud Co-authored-by: Michael Mifsud --- .github/workflows/alpine.yml | 3 +++ .github/workflows/linux.yml | 5 +++++ .github/workflows/macos.yml | 1 + .github/workflows/windows.yml | 3 +++ README.md | 1 + appveyor.yml | 3 +++ lib/extensions.js | 1 + package.json | 2 +- 8 files changed, 18 insertions(+), 1 deletion(-) diff --git a/.github/workflows/alpine.yml b/.github/workflows/alpine.yml index f46d8772e..450e8fef7 100644 --- a/.github/workflows/alpine.yml +++ b/.github/workflows/alpine.yml @@ -19,6 +19,7 @@ jobs: - 14 - 15 - 16 + - 17 include: - node: 12 @@ -29,6 +30,8 @@ jobs: python: python3 - node: 16 python: python3 + - node: 17 + python: python3 steps: - name: Install Alpine build tools diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml index 034f4b05e..83b99bcf5 100644 --- a/.github/workflows/linux.yml +++ b/.github/workflows/linux.yml @@ -18,6 +18,7 @@ jobs: - 14 - 15 - 16 + - 17 include: - node: 12 @@ -36,6 +37,10 @@ jobs: gcc: "gcc-8" gpp: "g++-8" os: ubuntu-18.04 + - node: 17 + gcc: "gcc-8" + gpp: "g++-8" + os: ubuntu-18.04 steps: diff --git a/.github/workflows/macos.yml b/.github/workflows/macos.yml index 7adeb9600..e0f030838 100644 --- a/.github/workflows/macos.yml +++ b/.github/workflows/macos.yml @@ -18,6 +18,7 @@ jobs: - 14 - 15 - 16 + - 17 steps: - uses: actions/checkout@v2 diff --git a/.github/workflows/windows.yml b/.github/workflows/windows.yml index b3ff60a32..f00fa7885 100644 --- a/.github/workflows/windows.yml +++ b/.github/workflows/windows.yml @@ -18,6 +18,7 @@ jobs: - 14 - 15 - 16 + - 17 architecture: - x64 @@ -32,6 +33,8 @@ jobs: os: windows-2019 - node: 16 os: windows-2019 + - node: 17 + os: windows-2019 steps: - uses: actions/checkout@v2 diff --git a/README.md b/README.md index 11f080963..402db427b 100644 --- a/README.md +++ b/README.md @@ -17,6 +17,7 @@ Below is a quick guide for minimum and maximum supported versions of node-sass: NodeJS | Supported node-sass version | Node Module --------|-----------------------------|------------ +Node 17 | 7.0+ | 102 Node 16 | 6.0+ | 93 Node 15 | 5.0+ | 88 Node 14 | 4.14+ | 83 diff --git a/appveyor.yml b/appveyor.yml index 97bd89919..aaefbae68 100644 --- a/appveyor.yml +++ b/appveyor.yml @@ -45,6 +45,9 @@ - nodejs_version: 16 GYP_MSVS_VERSION: 2019 APPVEYOR_BUILD_WORKER_IMAGE: Visual Studio 2019 + - nodejs_version: 17 + GYP_MSVS_VERSION: 2019 + APPVEYOR_BUILD_WORKER_IMAGE: Visual Studio 2019 install: # https://www.appveyor.com/docs/lang/nodejs-iojs/#installing-any-version-of-nodejs-or-iojs diff --git a/lib/extensions.js b/lib/extensions.js index ce4b17a56..8f31450a3 100644 --- a/lib/extensions.js +++ b/lib/extensions.js @@ -81,6 +81,7 @@ function getHumanNodeVersion(abi) { case 83: return 'Node.js 14.x'; case 88: return 'Node.js 15.x'; case 93: return 'Node.js 16.x'; + case 102: return 'Node.js 17.x'; default: return false; } } diff --git a/package.json b/package.json index 163b794ee..f6297a1a8 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "node-sass", - "version": "6.0.1", + "version": "7.0.0", "libsass": "3.5.5", "description": "Wrapper around libsass", "license": "MIT", From e80d4afbce7ee10447535dbf5723cd405c80acd8 Mon Sep 17 00:00:00 2001 From: Nick Schonning Date: Thu, 21 Oct 2021 22:41:10 -0400 Subject: [PATCH 12/14] chore: Drop EOL Node 15 (#3122) * chore: Drop EOL Node 15 --- .github/workflows/alpine.yml | 3 --- .github/workflows/linux.yml | 5 ----- .github/workflows/macos.yml | 1 - .github/workflows/windows.yml | 3 --- README.md | 2 +- appveyor.yml | 3 --- 6 files changed, 1 insertion(+), 16 deletions(-) diff --git a/.github/workflows/alpine.yml b/.github/workflows/alpine.yml index 450e8fef7..958549725 100644 --- a/.github/workflows/alpine.yml +++ b/.github/workflows/alpine.yml @@ -17,7 +17,6 @@ jobs: node: - 12 - 14 - - 15 - 16 - 17 @@ -26,8 +25,6 @@ jobs: python: python2 - node: 14 python: python3 - - node: 15 - python: python3 - node: 16 python: python3 - node: 17 diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml index 83b99bcf5..e05b4f4f3 100644 --- a/.github/workflows/linux.yml +++ b/.github/workflows/linux.yml @@ -16,7 +16,6 @@ jobs: node: - 12 - 14 - - 15 - 16 - 17 @@ -29,10 +28,6 @@ jobs: gcc: "gcc-6" gpp: "g++-6" os: ubuntu-18.04 - - node: 15 - gcc: "gcc-6" - gpp: "g++-6" - os: ubuntu-18.04 - node: 16 gcc: "gcc-8" gpp: "g++-8" diff --git a/.github/workflows/macos.yml b/.github/workflows/macos.yml index e0f030838..23959ab53 100644 --- a/.github/workflows/macos.yml +++ b/.github/workflows/macos.yml @@ -16,7 +16,6 @@ jobs: node: - 12 - 14 - - 15 - 16 - 17 diff --git a/.github/workflows/windows.yml b/.github/workflows/windows.yml index f00fa7885..d3a7aa849 100644 --- a/.github/workflows/windows.yml +++ b/.github/workflows/windows.yml @@ -16,7 +16,6 @@ jobs: node: - 12 - 14 - - 15 - 16 - 17 @@ -29,8 +28,6 @@ jobs: os: windows-2016 - node: 14 os: windows-2016 - - node: 15 - os: windows-2019 - node: 16 os: windows-2019 - node: 17 diff --git a/README.md b/README.md index 402db427b..b0cb5b78d 100644 --- a/README.md +++ b/README.md @@ -19,7 +19,7 @@ NodeJS | Supported node-sass version | Node Module --------|-----------------------------|------------ Node 17 | 7.0+ | 102 Node 16 | 6.0+ | 93 -Node 15 | 5.0+ | 88 +Node 15 | 5.0+, <7.0 | 88 Node 14 | 4.14+ | 83 Node 13 | 4.13+, <5.0 | 79 Node 12 | 4.12+ | 72 diff --git a/appveyor.yml b/appveyor.yml index aaefbae68..c489a298c 100644 --- a/appveyor.yml +++ b/appveyor.yml @@ -39,9 +39,6 @@ - nodejs_version: 14 GYP_MSVS_VERSION: 2017 APPVEYOR_BUILD_WORKER_IMAGE: Visual Studio 2017 - - nodejs_version: 15 - GYP_MSVS_VERSION: 2019 - APPVEYOR_BUILD_WORKER_IMAGE: Visual Studio 2019 - nodejs_version: 16 GYP_MSVS_VERSION: 2019 APPVEYOR_BUILD_WORKER_IMAGE: Visual Studio 2019 From 0a21792803639851b480fbd8cbcb5540ef974387 Mon Sep 17 00:00:00 2001 From: Scott Anderson <87314430+scott-ut@users.noreply.github.com> Date: Sun, 28 Nov 2021 11:54:40 +0000 Subject: [PATCH 13/14] Set rejectUnauthorized to true by default (#3149) Resolve CVE-2020-240-25 by setting rejectUnauthorized to true by default. Add configuration flag to override this to false if necessary. extract rejectUnauthorized download option to its own file. Add doc option to README.md. --- README.md | 15 ++++--- scripts/util/downloadoptions.js | 5 ++- scripts/util/rejectUnauthorized.js | 46 +++++++++++++++++++++ test/downloadoptions.js | 65 +++++++++++++++++++++++++++++- 4 files changed, 121 insertions(+), 10 deletions(-) create mode 100644 scripts/util/rejectUnauthorized.js diff --git a/README.md b/README.md index b0cb5b78d..a1da0f363 100644 --- a/README.md +++ b/README.md @@ -596,12 +596,13 @@ When compiling a directory `--source-map` can either be a boolean value or a dir node-sass supports different configuration parameters to change settings related to the sass binary such as binary name, binary path or alternative download path. Following parameters are supported by node-sass: -Variable name | .npmrc parameter | Process argument | Value ------------------|------------------|--------------------|------ -SASS_BINARY_NAME | sass_binary_name | --sass-binary-name | path -SASS_BINARY_SITE | sass_binary_site | --sass-binary-site | URL -SASS_BINARY_PATH | sass_binary_path | --sass-binary-path | path -SASS_BINARY_DIR | sass_binary_dir | --sass-binary-dir | path +Variable name | .npmrc parameter | Process argument | Value +-------------------------|--------------------------|----------------------------|------ +SASS_BINARY_NAME | sass_binary_name | --sass-binary-name | path +SASS_BINARY_SITE | sass_binary_site | --sass-binary-site | URL +SASS_BINARY_PATH | sass_binary_path | --sass-binary-path | path +SASS_BINARY_DIR | sass_binary_dir | --sass-binary-dir | path +SASS_REJECT_UNAUTHORIZED | sass_reject_unauthorized | --sass-reject-unauthorized | value These parameters can be used as environment variable: @@ -615,6 +616,8 @@ As a process argument: * E.g. `npm install node-sass --sass-binary-site=http://example.com/` +If you are using self-signed certificates for your binary then `SASS_REJECT_UNAUTHORIZED` will override (rejectUnauthorized)[https://nodejs.org/docs/latest/api/tls.html#tls_tls_createserver_options_secureconnectionlistener]. + ## Post-install Build Install runs only two Mocha tests to see if your machine can use the pre-built [LibSass] which will save some time during install. If any tests fail it will build from source. diff --git a/scripts/util/downloadoptions.js b/scripts/util/downloadoptions.js index 23529716f..e9056b10e 100644 --- a/scripts/util/downloadoptions.js +++ b/scripts/util/downloadoptions.js @@ -1,5 +1,6 @@ var proxy = require('./proxy'), - userAgent = require('./useragent'); + userAgent = require('./useragent'), + rejectUnauthorized = require('./rejectUnauthorized'); /** * The options passed to request when downloading the bibary @@ -14,7 +15,7 @@ var proxy = require('./proxy'), */ module.exports = function() { var options = { - rejectUnauthorized: false, + rejectUnauthorized: rejectUnauthorized(), timeout: 60000, headers: { 'User-Agent': userAgent(), diff --git a/scripts/util/rejectUnauthorized.js b/scripts/util/rejectUnauthorized.js new file mode 100644 index 000000000..a1c801073 --- /dev/null +++ b/scripts/util/rejectUnauthorized.js @@ -0,0 +1,46 @@ +var pkg = require('../../package.json'); + +/** + * Get the value of a CLI argument + * + * @param {String} name + * @param {Array} args + * @api private + */ + function getArgument(name, args) { + var flags = args || process.argv.slice(2), + index = flags.lastIndexOf(name); + + if (index === -1 || index + 1 >= flags.length) { + return null; + } + + return flags[index + 1]; +} + +/** + * Get the value of reject-unauthorized + * If environment variable SASS_REJECT_UNAUTHORIZED is non-zero, + * .npmrc variable sass_reject_unauthorized or + * process argument --sass-reject_unauthorized is provided, + * set rejectUnauthorized to true + * Else set to false by default + * + * @return {Boolean} The value of rejectUnauthorized + * @api private + */ +module.exports = function() { + var rejectUnauthorized = false; + + if (getArgument('--sass-reject-unauthorized')) { + rejectUnauthorized = getArgument('--sass-reject-unauthorized'); + } else if (process.env.SASS_REJECT_UNAUTHORIZED !== '0') { + rejectUnauthorized = true; + } else if (process.env.npm_config_sass_reject_unauthorized) { + rejectUnauthorized = process.env.npm_config_sass_reject_unauthorized; + } else if (pkg.nodeSassConfig && pkg.nodeSassConfig.rejectUnauthorized) { + rejectUnauthorized = pkg.nodeSassConfig.rejectUnauthorized; + } + + return rejectUnauthorized; +}; diff --git a/test/downloadoptions.js b/test/downloadoptions.js index de8963842..a6e2d9bae 100644 --- a/test/downloadoptions.js +++ b/test/downloadoptions.js @@ -8,7 +8,7 @@ describe('util', function() { describe('without a proxy', function() { it('should look as we expect', function() { var expected = { - rejectUnauthorized: false, + rejectUnauthorized: true, timeout: 60000, headers: { 'User-Agent': ua(), @@ -33,7 +33,7 @@ describe('util', function() { it('should look as we expect', function() { var expected = { - rejectUnauthorized: false, + rejectUnauthorized: true, proxy: proxy, timeout: 60000, headers: { @@ -57,6 +57,25 @@ describe('util', function() { delete process.env.HTTP_PROXY; }); + it('should look as we expect', function() { + var expected = { + rejectUnauthorized: true, + timeout: 60000, + headers: { + 'User-Agent': ua(), + }, + encoding: null, + }; + + assert.deepStrictEqual(opts(), expected); + }); + }); + + describe('with SASS_REJECT_UNAUTHORIZED set to false', function() { + beforeEach(function() { + process.env.SASS_REJECT_UNAUTHORIZED = '0'; + }); + it('should look as we expect', function() { var expected = { rejectUnauthorized: false, @@ -70,5 +89,47 @@ describe('util', function() { assert.deepStrictEqual(opts(), expected); }); }); + + describe('with SASS_REJECT_UNAUTHORIZED set to true', function() { + beforeEach(function() { + process.env.SASS_REJECT_UNAUTHORIZED = '1'; + }); + + it('should look as we expect', function() { + var expected = { + rejectUnauthorized: true, + timeout: 60000, + headers: { + 'User-Agent': ua(), + }, + encoding: null, + }; + + assert.deepStrictEqual(opts(), expected); + }); + }); + + describe('with npm_config_sass_reject_unauthorized set to true', function() { + beforeEach(function() { + process.env.npm_config_sass_reject_unauthorized = true; + }); + + it('should look as we expect', function() { + var expected = { + rejectUnauthorized: true, + timeout: 60000, + headers: { + 'User-Agent': ua(), + }, + encoding: null, + }; + + assert.deepStrictEqual(opts(), expected); + }); + + afterEach(function() { + process.env.npm_config_sass_reject_unauthorized = undefined; + }); + }); }); }); From 918dcb3a7712a02578947b0354b9f109656f7abf Mon Sep 17 00:00:00 2001 From: Michael Mifsud Date: Sun, 28 Nov 2021 22:59:51 +1100 Subject: [PATCH 14/14] Lint fix Fix lint issue introduced in #3149. --- scripts/util/rejectUnauthorized.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/util/rejectUnauthorized.js b/scripts/util/rejectUnauthorized.js index a1c801073..43d8373a6 100644 --- a/scripts/util/rejectUnauthorized.js +++ b/scripts/util/rejectUnauthorized.js @@ -7,7 +7,7 @@ var pkg = require('../../package.json'); * @param {Array} args * @api private */ - function getArgument(name, args) { +function getArgument(name, args) { var flags = args || process.argv.slice(2), index = flags.lastIndexOf(name);