Bump tar, node-sass and node-sass-middleware

[dependabot[bot]]

Bumps tar to 6.1.11 and updates ancestor dependencies tar, node-sass and node-sass-middleware. These dependencies need to be updated together.

Updates tar from 4.4.13 to 6.1.11

Changelog

Sourced from tar's changelog.

Changelog

6.0

• Drop support for node 6 and 8
• fix symlinks and hardlinks on windows being packed with \-style path targets

5.0

• Address unpack race conditions using path reservations
• Change large-numbers errors from TypeError to Error
• Add TAR_* error codes
• Raise TAR_BAD_ARCHIVE warning/error when there are no valid entries found in an archive
• do not treat ignored entries as an invalid archive
• drop support for node v4
• unpack: conditionally use a file mapping to write files on Windows
• Set more portable 'mode' value in portable mode
• Set portable gzip option in portable mode

4.4

• Add 'mtime' option to tar creation to force mtime
• unpack: only reuse file fs entries if nlink = 1
• unpack: rename before unlinking files on Windows
• Fix encoding/decoding of base-256 numbers
• Use stat instead of lstat when checking CWD
• Always provide a callback to fs.close()

4.3

• Add 'transform' unpack option

4.2

• Fail when zlib fails

4.1

• Add noMtime flag for tar creation

4.0

• unpack: raise error if cwd is missing or not a dir
• pack: don't drop dots from dotfiles when prefixing

3.1

• Support @file.tar as an entry argument to copy entries from one tar

... (truncated)

Commits

• e573aee 6.1.11
• edb8e9a fix: perf regression on hot string munging path
• a9d9b05 chore(test): Avoid spurious failures packing node_modules/.cache
• 24b8bda fix(test): use posix path for testing path reservations
• e5a223c fix(test): make unpack test pass on case-sensitive fs
• 188badd 6.1.10
• 23312ce drop dirCache for symlink on all platforms
• 4f1f4a2 6.1.9
• 875a37e fix: prevent path escape using drive-relative paths
• b6162c7 fix: reserve paths properly for unicode, windows
• Additional commits viewable in compare view

Updates node-sass from 4.14.1 to 7.0.3

Release notes

Sourced from node-sass's releases.

v7.0.3

Dependencies

• Bump sass-graph from 4.0.0 to ^4.0.1

Supported Environments

OS	Architecture	Node
Windows	x86 & x64	12, 14, 16, 17
OSX	x64	12, 14, 16, 17
Linux*	x64	12, 14, 16, 17
Alpine Linux	x64	12, 14, 16, 17
FreeBSD	i386 amd64	12, 14

*Linux support refers to major distributions like Ubuntu, and Debian

v7.0.2

This release has been unpublished

v7.0.1

Dependencies

• Bump node-gyp from 7.1.2 to 8.4.1
• Bump sass-graph from 2.2.5 to 4.0.0

Supported Environments

OS	Architecture	Node
Windows	x86 & x64	12, 14, 16, 17
OSX	x64	12, 14, 16, 17
Linux*	x64	12, 14, 16, 17
Alpine Linux	x64	12, 14, 16, 17
FreeBSD	i386 amd64	12, 14

*Linux support refers to major distributions like Ubuntu, and Debian

v7.0.0

Breaking changes

• Drop support for Node 15 (@​nschonni)
• Set rejectUnauthorized to true by default (@​scott-ut, #3149)

Features

• Add support for Node 17 (@​nschonni)

Dependencies

... (truncated)

Commits

• 73869ea 7.0.3
• 11e2ab9 7.0.2
• dc15b70 Bump sass-graph@^4.0.1
• 99242d7 7.0.1
• 77049d1 build(deps): bump sass-graph from 2.2.5 to 4.0.0 (#3224)
• c929f25 build(deps): bump node-gyp from 7.1.2 to 8.4.1 (#3209)
• 918dcb3 Lint fix
• 0a21792 Set rejectUnauthorized to true by default (#3149)
• e80d4af chore: Drop EOL Node 15 (#3122)
• d753397 feat: Add Node 17 support (#3195)
• Additional commits viewable in compare view

Updates node-sass-middleware from 0.11.0 to 1.0.1

Commits

• 59091f0 Update to 1.0.1 (#152)
• ef36324 fix: update license property
• ccb8d99 Bump node-sass version to v7.0.1 (#149)
• 6edba5f Replace var keywords with const (#150)
• b6a78e0 Merge pull request #147 from nschonni/remove-lock
• 85de4cf chore: Ad NPM publish Action
• d35f1db chore: Replace Travis-CI with GitHub Actions
• 8253c24 feat: v1.0.0 release
• 67d90fa feat: Set minimum support Node at 12
• 9bc529f typo: supportend -> supported
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.