acronym-decoder icon indicating copy to clipboard operation
acronym-decoder copied to clipboard
verified publisher icon capitalone

[Snyk] Upgrade sass from 1.64.2 to 1.67.0

Open amadib opened this issue 2 years ago • 2 comments

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade sass from 1.64.2 to 1.67.0.

:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

  • The recommended version is 5 versions ahead of your current version.
  • The recommended version was released 22 days ago, on 2023-09-14.
Release notes
Package name: sass
  • 1.67.0 - 2023-09-14

    To install Sass 1.67.0, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.

    Changes

    • All functions defined in CSS Values and Units 4 are now once again parsed as calculation objects: round(), mod(), rem(), sin(), cos(), tan(), asin(), acos(), atan(), atan2(), pow(), sqrt(), hypot(), log(), exp(), abs(), and sign().

      Unlike in 1.65.0, function calls are not locked into being parsed as calculations or plain Sass functions at parse-time. This means that user-defined functions will take precedence over CSS calculations of the same name. Although the function names calc() and clamp() are still forbidden, users may continue to freely define functions whose names overlap with other CSS calculations (including abs(), min(), max(), and round() whose names overlap with global Sass functions).

    • As a consequence of the change in calculation parsing described above, calculation functions containing interpolation are now parsed more strictly than before. However, all interpolations that would have produced valid CSS will continue to work, so this is not considered a breaking change.

    • Interpolations in calculation functions that aren't used in a position that could also have a normal calculation value are now deprecated. For example, calc(1px #{"+ 2px"}) is deprecated, but calc(1px + #{"2px"}) is still allowed. This deprecation is named calc-interp. See the Sass website for more information.

    • Potentially breaking bug fix: The importer used to load a given file is no longer used to load absolute URLs that appear in that file. This was unintented behavior that contradicted the Sass specification. Absolute URLs will now correctly be loaded only from the global importer list. This applies to the modern JS API, the Dart API, and the embedded protocol.

    Embedded Sass

    • Substantially improve the embedded compiler's performance when compiling many files or files that require many importer or function call round-trips with the embedded host.

    See the full changelog for changes in earlier releases.

  • 1.66.1 - 2023-08-18

    To install Sass 1.66.1, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.

    Changes

    JS API

    • Fix a bug where Sass compilation could crash in strict mode if passed a callback that threw a string, boolean, number, symbol, or bignum.

    See the full changelog for changes in earlier releases.

  • 1.66.0 - 2023-08-17

    To install Sass 1.66.0, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.

    Changes

    • Breaking change: Drop support for the additional CSS calculations defined in CSS Values and Units 4. Custom Sass functions whose names overlapped with these new CSS functions were being parsed as CSS calculations instead, causing an unintentional breaking change outside our normal [compatibility policy] for CSS compatibility changes.

      Support will be added again in a future version, but only after Sass has emitted a deprecation warning for all functions that will break for at least three months prior to the breakage.

    See the full changelog for changes in earlier releases.

  • 1.65.1 - 2023-08-09

    To install Sass 1.65.1, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.

    Changes

    • Update abs-percent deprecatedIn version to 1.65.0.

    See the full changelog for changes in earlier releases.

  • 1.65.0 - 2023-08-09

    To install Sass 1.65.0, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.

    Changes

    • All functions defined in CSS Values and Units 4 are now parsed as calculation objects: round(), mod(), rem(), sin(), cos(), tan(), asin(), acos(), atan(), atan2(), pow(), sqrt(), hypot(), log(), exp(), abs(), and sign().

    • Deprecate explicitly passing the % unit to the global abs() function. In future releases, this will emit a CSS abs() function to be resolved by the browser. This deprecation is named abs-percent.

    See the full changelog for changes in earlier releases.

  • 1.64.2 - 2023-07-31
from sass GitHub release notes
Commit messages
Package name: sass
  • 5c31d1f Re-enable new calculation functions (#2080)
  • bdb145f Fix example (#2074)
  • 77e208c Run cli compilations in parallel dart isolates (#2078)
  • fddf421 Don't try to load absolute URLs from the base importer (#2077)
  • af0118a Improve `sass --embedded` performance (#2013)
  • 58cbab4 Stop working around dart-lang/linter#4381 (#2071)
  • 8f0eca3 Update README.md (#2069)
  • aa53bd0 Use wrapJSExceptions() to work around dart-lang/sdk#53105 (#2055)
  • e70cd5a Merge pull request #2067 from sass/revert-calc
  • a6a06b7 Update pubspec and changelog and re-add abs-percent deprecation
  • 458852d Revert "Calc functions implementation (#1970)"
  • 86a2f42 Revert "Update abs-percent deprecatedIn version (#2057)"
  • 4a86812 Bump http from 0.13.6 to 1.1.0 (#2062)
  • bb24476 Update abs-percent deprecatedIn version (#2057)
  • e4c8cd6 Calc functions implementation (#1970)
  • 4c3bd0e Deprecate explicitly passing null as an alpha value (#2049)
  • 8802c69 Add ignores to work around dart-lang/linter#4381 (#2053)
  • 17e3a48 Convert Sass to Dart 3 style (#2038)
  • 8e5e7fc Add a pubignore so pub knows to publish protobuf files (#2050)

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

amadib avatar Oct 05 '23 15:10 amadib

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
You have signed the CLA already but the status is still pending? Let us recheck it.

CLAassistant avatar Oct 05 '23 15:10 CLAassistant

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
0.0% 0.0% Duplication

sonarqubecloud[bot] avatar Oct 05 '23 15:10 sonarqubecloud[bot]