[Snyk] Security upgrade node-sass from 4.13.0 to 9.0.0

[adamlaska]

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix 16 vulnerabilities in the npm dependencies of this project.

Snyk changed the following file(s):

• package.json
• package-lock.json

Vulnerabilities that will be fixed with an upgrade:

	Issue	Score
	Prototype Pollution SNYK-JS-LODASH-567746	731
	Prototype Pollution SNYK-JS-LODASH-6139239	696
	Prototype Poisoning SNYK-JS-QS-3153490	696
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	696
	Prototype Pollution SNYK-JS-LODASH-608086	686
	Prototype Pollution SNYK-JS-Y18N-1021887	686
	Code Injection SNYK-JS-LODASH-1040724	681
	Prototype Pollution SNYK-JS-JSONSCHEMA-1920922	644
	Prototype Pollution SNYK-JS-AJV-584908	619
	Prototype Pollution SNYK-JS-MINIMIST-559764	601
	Prototype Pollution SNYK-JS-YARGSPARSER-560381	601
	Regular Expression Denial of Service (ReDoS) SNYK-JS-HOSTEDGITINFO-1088355	586
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-1018905	586
	Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHPARSE-1077067	586
	Prototype Pollution SNYK-JS-MINIMIST-2429795	506
	Regular Expression Denial of Service (ReDoS) SNYK-JS-MINIMATCH-3050818	479

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• Max score is 1000. Note that the real score may have changed since the PR was raised.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Prototype Pollution
🦉 Regular Expression Denial of Service (ReDoS)
🦉 Code Injection

[google-cla]

Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

View this failed invocation of the CLA check for more information.

For the most up to date status, view the checks section at the bottom of the pull request.

[socket-security]

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/@gar/promisify@1.1.3	None	0	4.2 kB	gar
npm/@npmcli/fs@2.1.2	filesystem	0	38.9 kB	gar
npm/@npmcli/move-file@2.0.1	filesystem	0	8.73 kB	gar
npm/@tootallnate/once@2.0.0	None	0	16.3 kB	tootallnate
npm/@types/minimist@1.2.5	None	0	6.27 kB	types
npm/@types/normalize-package-data@2.4.4	None	0	5.81 kB	types
npm/agent-base@4.2.1	network	0	35 kB	tootallnate
npm/agentkeepalive@4.5.0	network	0	43.7 kB	fengmk2
npm/aggregate-error@3.1.0	None	0	6.69 kB	sindresorhus
npm/ajv@5.5.2	eval	0	2.09 MB	esp
npm/aproba@2.0.0	None	0	8.05 kB	iarna
npm/are-we-there-yet@3.0.1	None	0	14.3 kB	lukekarrys
npm/async@1.0.0	None	0	99.4 kB	aearly
npm/bluebird@3.5.2	environment, eval	0	620 kB	esailija
npm/cacache@16.1.3	filesystem	0	73.5 kB	lukekarrys
npm/chownr@2.0.0	filesystem	0	5.75 kB	isaacs
npm/clean-stack@2.2.0	None	0	5.51 kB	sindresorhus
npm/cliui@8.0.1	None	0	32.3 kB	oss-bot
npm/co@4.6.0	None	0	16 kB	jongleberry
npm/color-support@1.1.3	None	0	9.23 kB	isaacs
npm/colors@1.0.3	None	0	109 kB	marak
npm/combined-stream@1.0.7	None	0	11.1 kB	alexindigo
npm/cycle@1.0.3	None	0	8.1 kB	dscape
npm/debug@3.2.5	environment	0	79.5 kB	qix
npm/encoding@0.1.13	None	+1	356 kB	andris
npm/env-paths@2.2.1	None	0	10.2 kB	sindresorhus
npm/err-code@2.0.3	None	0	12.3 kB	achingbrain
npm/es6-promise@4.2.5	None	0	318 kB	stefanpenner
npm/escalade@3.1.2	filesystem	0	11.6 kB	lukeed
npm/eyes@0.1.8	None	0	14 kB	indexzero
npm/fast-deep-equal@1.1.0	None	0	5.25 kB	esp
npm/form-data@2.3.2	filesystem, network	+1	41.2 kB	alexindigo
npm/fs-minipass@2.1.0	filesystem	0	14.1 kB	isaacs
npm/function-bind@1.1.2	None	0	31.4 kB	ljharb
npm/gauge@4.0.4	None	0	43.2 kB	gar
npm/get-caller-file@2.0.5	None	0	4.72 kB	stefanpenner
npm/graceful-fs@4.2.11	environment, filesystem	0	32.5 kB	isaacs
npm/har-validator@5.1.0	None	0	8.28 kB	ahmadnassri
npm/hard-rejection@2.1.0	None	0	5.14 kB	sindresorhus
npm/hasown@2.0.2	None	0	8.77 kB	ljharb
npm/http-cache-semantics@4.1.1	None	0	35.9 kB	kornel
npm/http-proxy-agent@5.0.0	network	0	17.1 kB	tootallnate
npm/https-proxy-agent@2.2.1	network	0	27.6 kB	tootallnate
npm/humanize-ms@1.2.1	None	0	3.66 kB	dead_horse
npm/infer-owner@1.0.4	filesystem	0	4.29 kB	isaacs
npm/ip-address@9.0.5	None	0	177 kB	beaugunderson
npm/is-core-module@2.15.0	None	0	31.5 kB	ljharb
npm/is-lambda@1.0.1	None	0	2.94 kB	watson
npm/js-base64@2.6.4	None	0	19 kB	dankogai
npm/json-parse-even-better-errors@2.3.1	None	0	10.4 kB	isaacs
npm/json-schema-traverse@0.3.1	None	0	16.8 kB	esp
npm/kind-of@6.0.3	None	0	22.8 kB	doowb
npm/lines-and-columns@1.2.4	None	0	5.39 kB	eventualbuddha
npm/lodash@4.17.14	None	0	1.4 MB	jdalton
npm/make-fetch-happen@10.2.1	environment, network	0	59.3 kB	gar
npm/mime-db@1.36.0	None	0	184 kB	dougwilson
npm/mime-types@2.1.20	None	0	14.9 kB	dougwilson
npm/min-indent@1.0.1	None	0	2.97 kB	thejameskyle
npm/minipass-collect@1.0.2	None	0	4.87 kB	isaacs
npm/minipass-fetch@2.1.2	environment, network	0	46.3 kB	gar
npm/minipass-flush@1.0.5	None	0	3.77 kB	isaacs
npm/minipass-pipeline@1.2.4	None	0	7 kB	isaacs
npm/minipass-sized@1.0.3	None	0	124 kB	isaacs
npm/minipass@3.3.6	None	0	48.1 kB	isaacs
npm/minizlib@2.1.2	None	0	17.3 kB	isaacs
npm/nan@2.20.0	None	0	430 kB	kkoopa
npm/negotiator@0.6.3	None	0	27.4 kB	dougwilson
npm/node-github-graphql@0.2.7	environment, network	0	7.71 kB	wilsonchingg
npm/node-gyp@8.4.1	environment, shell	0	1.98 MB	rvagg
npm/node-sass@9.0.0	environment, filesystem, network	0	1.83 MB	xzyfer
npm/nopt@5.0.0	environment	0	25.8 kB	isaacs
npm/npmlog@6.0.2	None	0	17.1 kB	lukekarrys
npm/p-map@4.0.0	None	0	8.69 kB	sindresorhus
npm/promise-inflight@1.0.1	None	0	3.04 kB	iarna
npm/promise-retry@2.0.1	None	0	15.6 kB	achingbrain
npm/psl@1.1.29	None	0	550 kB	lupomontero
npm/readable-stream@3.6.2	environment	0	124 kB	matteo.collina
npm/retry@0.12.0	None	0	32.2 kB	tim-kos
npm/sass-graph@4.0.1	filesystem	0	14.1 kB	xzyfer
npm/scss-tokenizer@0.4.3	filesystem Transitive: network	+1	266 kB	xzyfer
npm/signal-exit@3.0.7	None	0	9.96 kB	isaacs
npm/smart-buffer@4.2.0	None	0	138 kB	joshglazebrook
npm/socks-proxy-agent@7.0.0	network	0	22.8 kB	kikobeats
npm/socks@2.8.3	network	0	156 kB	joshglazebrook
npm/sshpk@1.14.2	None	0	209 kB	arekinath
npm/ssri@9.0.1	None	0	37.5 kB	nlf
npm/stack-trace@0.0.10	None	0	8.85 kB	felixge
npm/tar@6.2.1	environment, filesystem	+1	236 kB	isaacs
npm/true-case-path@2.2.1	filesystem	0	21.3 kB	caseywebb
npm/uglify-js@3.3.28	eval, filesystem	0	684 kB	alexlamsl
npm/unique-filename@2.0.1	None	0	3.45 kB	lukekarrys
npm/unique-slug@3.0.0	None	0	2.62 kB	lukekarrys
npm/uuid@3.3.2	None	0	43.6 kB	broofa
npm/wide-align@1.1.5	None	0	4.47 kB	iarna
npm/winston@2.4.4	filesystem	0	190 kB	indexzero
npm/wrap-ansi@7.0.0	None	0	10.6 kB	sindresorhus
npm/y18n@5.0.8	filesystem	0	23.4 kB	oss-bot

🚮 Removed packages: npm/amdefine@1.0.1, npm/aproba@1.2.0, npm/are-we-there-yet@1.1.5, npm/block-stream@0.0.9, npm/cliui@3.2.0, npm/code-point-at@1.1.0, npm/fstream@1.0.12, npm/function-bind@1.1.1, npm/gauge@2.7.4, npm/get-caller-file@1.0.3, npm/graceful-fs@4.2.2, npm/http-cache-semantics@4.0.3, npm/in-publish@2.0.0, npm/invert-kv@1.0.0, npm/is-finite@1.0.2, npm/js-base64@2.5.1, npm/kind-of@6.0.2, npm/lcid@1.0.0, npm/nan@2.14.0, npm/negotiator@0.6.2, npm/node-gyp@3.8.0, npm/node-sass@4.13.0, npm/nopt@3.0.6, npm/npmlog@4.1.2, npm/number-is-nan@1.0.1, npm/os-locale@1.4.0, npm/osenv@0.1.5, npm/pinkie-promise@2.0.1, npm/pinkie@2.0.4, npm/readable-stream@3.4.0, npm/repeating@2.0.1, npm/require-main-filename@1.0.1, npm/sass-graph@2.2.4, npm/scss-tokenizer@0.2.3, npm/signal-exit@3.0.2, npm/tar@2.2.2, npm/true-case-path@1.0.3, npm/which-module@1.0.0, npm/wide-align@1.1.3, npm/wrap-ansi@2.1.0, npm/y18n@3.2.1

View full report↗︎