Skip to content

Commit

Permalink
[CVE-2022-25758][CVE-2020-24025] Bump node-sass to 7.0.3 and sass-loa…
Browse files Browse the repository at this point in the history
…der to 10.4.1 in 2.x (#3455)

Bump node-sass to 7.0.3 and sass-loader to 10.4.1

Issue Resolved:
#1067
#1842

Signed-off-by: Anan Zhuang <ananzh@amazon.com>
  • Loading branch information
ananzh authored Feb 18, 2023
1 parent a611452 commit 05a9573
Show file tree
Hide file tree
Showing 5 changed files with 91 additions and 103 deletions.
1 change: 1 addition & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ Inspired from [Keep a Changelog](https://keepachangelog.com/en/1.0.0/)
- [CVE-2022-25860] Bump simple-git from 3.15.1 to 3.16.0 ([#3345](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3345))
- [CVE-2020-36632] [REQUIRES PLUGIN VALIDATION] Bump flat from 4.1.1 to 5.0.2 ([#3419](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3419)). To the best of our knowledge, this is a non-breaking change, but if your plugin relies on `mocha` tests, validate that they still work correctly (and plan to migrate them to `jest` [in preparation for `mocha` deprecation](https://github.com/opensearch-project/OpenSearch-Dashboards/issues/1572).
- [CVE-2023-25166] Bump formula from 3.0.0 to 3.0.1 ([#3416](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3416))
- [CVE-2022-25758][CVE-2020-24025] Bump node-sass to 7.0.3 and sass-loader to 10.4.1 in 2.x ([#3455](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3455))

### 📈 Features/Enhancements

Expand Down
1 change: 1 addition & 0 deletions package.json
Original file line number Diff line number Diff line change
Expand Up @@ -88,6 +88,7 @@
"**/loader-utils": "^2.0.4",
"**/node-jose": "^2.2.0",
"**/nth-check": "^2.0.1",
"**/sass-loader": "^10.4.1",
"**/trim": "^0.0.3",
"**/typescript": "4.0.2",
"**/unset-value": "^2.0.1",
Expand Down
2 changes: 1 addition & 1 deletion packages/osd-optimizer/package.json
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@
"js-yaml": "^3.14.0",
"json-stable-stringify": "^1.0.1",
"lmdb-store": "^1.6.11",
"node-sass": "^6.0.1",
"node-sass": "^7.0.3",
"normalize-path": "^3.0.0",
"pirates": "^4.0.1",
"postcss": "^8.4.5",
Expand Down
2 changes: 1 addition & 1 deletion packages/osd-ui-framework/package.json
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@
"grunt-babel": "^8.0.0",
"grunt-contrib-clean": "^2.0.0",
"grunt-contrib-copy": "^1.0.0",
"node-sass": "^6.0.1",
"node-sass": "^7.0.3",
"postcss": "^8.4.5",
"sinon": "^7.4.2"
}
Expand Down
Loading

0 comments on commit 05a9573

Please sign in to comment.