[Snyk] Upgrade sass from 1.53.0 to 1.63.6

[WontonSam]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade sass from 1.53.0 to 1.63.6.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 35 versions ahead of your current version.
• The recommended version was released 2 months ago, on 2023-06-21.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Undesired Behavior SNYK-JS-STYLEDCOMPONENTS-3149924	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: sass

• 1.63.6 - 2023-06-21
  

  To install Sass 1.63.6, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.

  Changes

  JavaScript API

  • Fix import sass from 'sass' again after it was broken in the last release.

  Embedded Sass

  • Fix the exports declaration in package.json.

  See the full changelog for changes in earlier releases.

• 1.63.5 - 2023-06-21
  

  To install Sass 1.63.5, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.

  Changes

  JavaScript API

  • Fix a bug where loading the package through both CJS require() and ESM import could crash on Node.js.

  Embedded Sass

  • Fix a deadlock when running at high concurrency on 32-bit systems.

  • Fix a race condition where the embedded compiler could deadlock or crash if a compilation ID was reused immediately after the compilation completed.

  See the full changelog for changes in earlier releases.

• 1.63.4 - 2023-06-14
• 1.63.3 - 2023-06-09
• 1.63.2 - 2023-06-08
• 1.63.1 - 2023-06-08
• 1.63.0 - 2023-06-07
• 1.62.1 - 2023-04-25
• 1.62.0 - 2023-04-11
• 1.61.0 - 2023-04-06
• 1.60.0 - 2023-03-23
• 1.59.3 - 2023-03-14
• 1.59.2 - 2023-03-11
• 1.59.1 - 2023-03-10
• 1.59.0 - 2023-03-10
• 1.58.3 - 2023-02-18
• 1.58.2 - 2023-02-17
• 1.58.1 - 2023-02-14
• 1.58.0 - 2023-02-01
• 1.57.1 - 2022-12-19
• 1.57.0 - 2022-12-17
• 1.56.2 - 2022-12-08
• 1.56.1 - 2022-11-09
• 1.56.0 - 2022-11-04
• 1.55.0 - 2022-09-21
• 1.54.9 - 2022-09-07
• 1.54.8 - 2022-08-31
• 1.54.7 - 2022-08-31
• 1.54.6 - 2022-08-29
• 1.54.5 - 2022-08-19
• 1.54.4 - 2022-08-10
• 1.54.3 - 2022-08-04
• 1.54.2 - 2022-08-03
• 1.54.1 - 2022-08-02
• 1.54.0 - 2022-07-22
• 1.53.0 - 2022-06-22

from sass GitHub release notes

Commit messages

Package name: sass

• 658eb70 Cut a release (Issue: Improve the docs.github.com site github/docs#2025)
• b4e8a74 Use the new import name for the ESM default export (Kdkd github/docs#2026)
• a48ced8 Fix a race condition with re-used compilation isolate IDs (xx github/docs#2018)
• 62f29c8 Update README: npm package does not support --embedded flag (rmmak github/docs#2022)
• cb4b442 Add a changelog entry for Fix double-loading packages on npm google/dart_cli_pkg#132 (repo sync github/docs#2020)
• c41d52a Bump protobuf and protoc_plugin (update dropdown github/docs#2021)
• 3fce74c Update README: install with brew on macOS or Linux (Automatically added for iOS & OS X Mail Outlook.office365.com github/docs#2012)
• b11840e Limit pool size (Update issue_comment link in GitHub Actions docs github/docs#2019)
• e34a0c7 Cut a release (repo sync github/docs#2016)
• 3de612e Re-enable support for default exports (repo sync github/docs#2009)
• ce58d87 Add missing ESM exports (Create a new release is documented as Draft a new release for GHE 2.21 github/docs#2010)
• aa59a5f Fix race condition between spawning and killing isolates during shutdown (Update the supported Language/platforms list github/docs#2007)
• 760fa2e Add current stylesheet to loadedUrls when throwing parsing error (this is a test - do not merge github/docs#1991)
• 645e48f Cut a release (Check out "WiFi Analyzer" github/docs#2006)
• eb09d75 Fix a few more deployment issues (Update index.md github/docs#1998)
• ce909e4 Use the correct pub credential location for deploying sub-packages (first program bankaccount github/docs#1997)
• eea0717 Block release on all tests (#1996)
• d82654b Fix deploy configuration (Fix filter pattern cheat sheet examples github/docs#1994)
• c3ed547 Release 1.63.0 (Update README.md github/docs#1987)
• a88318f Run embedded compilations across multiple isolates (Suggestions and clarifications around the CONTRIBUTING file github/docs#1981)
• b0efcb0 Fix README Docker example (The autoupdater does not support crons github/docs#1982) (Update configuring-your-server-to-receive-payloads.md#2 github/docs#1983)
• 44a3caf Update README.md (Create log github/docs#1979)
• 21f98c6 Fix the syntax for browser examples in the README (repo sync github/docs#1975)
• 9e1d18a Upgrade the analyzer package (repo sync github/docs#1974)

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs