[Snyk] Upgrade stylelint-config-standard-scss from 5.0.0 to 14.0.0

[Sec32fun32]

Snyk has created this PR to upgrade stylelint-config-standard-scss from 5.0.0 to 14.0.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

⚠️ Warning: This PR contains major version upgrade(s), and may be a breaking change.

• The recommended version is 13 versions ahead of your current version.

• The recommended version was released a month ago.

Release notes

Package name: stylelint-config-standard-scss

• 14.0.0 - 2024-11-30
  
  • Changed: updated to [email protected].
  • Removed: stylelint less than 16.11.0 from peer dependencies.
• 13.1.0 - 2024-04-02
  
  • Changed: scss/dollar-variable-colon-space-after from always to always-single-line to be compatible with the default formatting of Prettier.
• 13.0.0 - 2024-01-04
  
  • Changed: updated to [email protected]
  • Removed: stylelint less than 16.1.0 from peer dependencies.
• 12.0.0 - 2023-12-11
  
  • Changed: updated to [email protected].
  • Changed: updated to [email protected]
  • Removed: stylelint less than 16.0.2 from peer dependencies.
  • Removed: Node.js less than 18.12.0 support.
• 11.1.0 - 2023-11-02
  
  • Changed: updated to [email protected].
• 11.0.0 - 2023-09-03
  
  • Changed: updated to [email protected].
  • Changed: updated to [email protected]
  • Removed: stylelint less than 15.10.0 from peer dependencies.
• 10.0.0 - 2023-06-29
  
  • Changed: updated to [email protected].
• 9.0.0 - 2023-04-24
  
  • Changed: updated to [email protected].
  • Changed: updated to [email protected]
  • Removed: stylelint less than 15.5.0 from peer dependencies.
• 8.0.0 - 2023-04-10
  
  • Changed: updated to [email protected].
  • Changed: updated to [email protected]
  • Removed: stylelint less than 15.4.0 from peer dependencies.
• 7.0.1 - 2023-02-13
  
  • Fixed: remove deprecated rule block-closing-brace-newline-after (#68).
• 7.0.0 - 2023-02-12
• 6.1.0 - 2022-11-04
• 6.0.0 - 2022-10-25
• 5.0.0 - 2022-07-15

from stylelint-config-standard-scss GitHub release notes

---

Important

• Warning: This PR contains a major version upgrade, and may be a breaking change.
• Check the changes in this PR to ensure they won't cause issues with your project.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

• 🧐 View latest project report
• 📜 Customise PR templates
• 🛠 Adjust upgrade PR settings
• 🔕 Ignore this dependency or unsubscribe from future upgrade PRs

[socket-security]

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/@arethetypeswrong/[email protected]	Transitive: environment, filesystem, network, shell	+26	30.1 MB	andrewbranch
npm/@babel/[email protected]	environment, filesystem, unsafe	+30	11.1 MB	nicolo-ribaudo
npm/@babel/[email protected]	environment Transitive: unsafe	+101	12.2 MB	nicolo-ribaudo
npm/@eslint-community/[email protected]	Transitive: environment	+3	3.82 MB	eslint-community-bot
npm/@eslint-community/[email protected]	None	0	473 kB	eslint-community-bot
npm/@eslint/[email protected]	None	+1	372 kB	eslintbot
npm/@eslint/[email protected]	None	0	60 kB	eslintbot
npm/@eslint/[email protected]	filesystem, unsafe Transitive: environment	+4	1.38 MB	eslintbot
npm/@eslint/[email protected]	None	0	14.9 kB	eslintbot, openjsfoundation
npm/@eslint/[email protected]	None	+1	300 kB	eslintbot
npm/@eslint/[email protected]	None	+1	102 kB	eslintbot
npm/@humanfs/[email protected]	None	+2	162 kB	nzakas
npm/@humanwhocodes/[email protected]	unsafe	0	21.2 kB	nzakas
npm/@humanwhocodes/[email protected]	None	0	64.9 kB	nzakas
npm/@trunkio/[email protected]	None	0	58 kB	lauritrunk
npm/@types/[email protected]	None	0	25.8 kB	types
npm/@types/[email protected]	None	0	31.7 kB	types
npm/@types/[email protected]	None	0	2.22 MB	types
npm/@typescript-eslint/[email protected]	Transitive: environment	+7	1.89 MB	bradzacher, jameshenry
npm/@wdio/[email protected]	Transitive: environment, eval, filesystem, network, shell, unsafe	+146	221 MB	wdio-user
npm/@wdio/[email protected]	environment Transitive: eval, filesystem, network, shell	+113	13.9 MB	wdio-user
npm/@wdio/[email protected]	Transitive: environment	+6	1.03 MB	wdio-user
npm/@wdio/[email protected]	Transitive: environment, eval, filesystem, network, shell	+32	6.83 MB	wdio-user
npm/[email protected]	filesystem	+7	454 kB	nicolo-ribaudo
npm/[email protected]	filesystem, unsafe Transitive: environment, shell	+14	1.08 MB	oss-bot
npm/[email protected]	None	+5	856 kB	chaijs
npm/[email protected]	Transitive: network	+21	796 kB	mattmueller
npm/[email protected]	environment, eval, filesystem	0	1.26 MB	zloirock
npm/[email protected]	filesystem	+1	209 kB	eslint-community-bot
npm/[email protected]	filesystem Transitive: environment	+12	2.6 MB	joshuakgoldberg
npm/[email protected]	Transitive: filesystem	+2	1.75 MB	ota-meshi
npm/[email protected]	environment, filesystem, shell Transitive: network	+8	3.14 MB	eslintbot
npm/[email protected]	None	0	16.2 kB	not-an-aardvark
npm/[email protected]	None	+2	202 kB	eslintbot
npm/[email protected]	Transitive: environment, filesystem	+4	150 kB	lydell
npm/[email protected]	None	+2	651 kB	eslintbot
npm/[email protected]	None	+1	1.07 MB	michaelficarra
npm/[email protected]	filesystem	+4	112 kB	jaredwray
npm/[email protected]	environment, filesystem	+3	205 kB	kettanaito
npm/[email protected]	None	0	7.72 kB	phated
npm/[email protected]	Transitive: environment, shell	+12	1.39 MB	isaacs
npm/[email protected]	None	0	177 kB	sindresorhus
npm/[email protected]	filesystem, network	+19	570 kB	sindresorhus
npm/[email protected]	None	0	0 B
npm/[email protected]	None	0	14.2 kB	samn
npm/[email protected]	environment, eval Transitive: filesystem, shell	+14	2.52 MB	webpro
npm/[email protected]	environment, filesystem Transitive: shell	+32	1.57 MB	okonet
npm/[email protected]	shell Transitive: environment	+13	213 kB	gyandeeps
npm/[email protected]	None	0	54.1 kB	jdalton
npm/[email protected]	None	0	428 kB	tonybrix
npm/[email protected]	Transitive: environment, eval, filesystem, network, shell, unsafe	+37	11 MB	kikobeats
npm/[email protected]	Transitive: environment, eval, filesystem, network, shell, unsafe	+37	11 MB	kikobeats
npm/[email protected]	Transitive: environment, eval, filesystem, network, shell, unsafe	+41	11.1 MB	kikobeats
npm/[email protected]	Transitive: environment, eval, filesystem, network, shell, unsafe	+37	11 MB	kikobeats
npm/[email protected]	Transitive: environment, eval, filesystem, network, shell, unsafe	+37	11 MB	kikobeats
npm/[email protected]	Transitive: environment, eval, filesystem, network, shell, unsafe	+52	14.2 MB	ianstormtaylor, kikobeats, mahnuh, ...1 more
npm/[email protected]	environment, eval, filesystem	+28	3.82 MB	voxpelli
npm/[email protected]	None	0	5.65 kB	megawac

🚮 Removed packages: npm/@11ty/[email protected], npm/@11ty/[email protected], npm/@11ty/[email protected], npm/@11ty/[email protected], npm/@11ty/[email protected], npm/@11ty/[email protected], npm/@munter/[email protected], npm/@types/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected]

View full report↗︎

[socket-security]

🚨 Potential security issues detected. Learn more about Socket for GitHub ↗︎

To accept the risk, merge this PR and you will not be notified again.

Alert	Package	Note	Source	CI
High CVE	npm/[email protected]	CVE: GHSA-p6mc-m468-83gw Prototype Pollution in lodash (HIGH) Affected versions: >= 4.0.0, <= 4.4.0 Patched version: No patched versions	package.json	⚠︎
Deprecated	npm/[email protected]	Reason: Package no longer supported. Contact Support at https://www.npmjs.com/support for more info.	Source	⚠︎
Unpopular package	npm/@babel/[email protected]	Location: Package overview	package.json	⚠︎
Unstable ownership	npm/[email protected]	Author: ljharb	Source	⚠︎

View full report↗︎

Next steps

What is a CVE?

Contains a high severity Common Vulnerability and Exposure (CVE).

Remove or replace dependencies that include known high severity CVEs. Consumers can use dependency overrides or npm audit fix --force to remove vulnerable dependencies.

What is a deprecated package?

The maintainer of the package marked it as deprecated. This could indicate that a single version should not be used, or that the package is no longer maintained and any new vulnerabilities will not be fixed.

Research the state of the package and determine if there are non-deprecated versions that can be used, or if it should be replaced with a new, supported solution.

What are unpopular packages?

This package is not very popular.

Unpopular packages may have less maintenance and contain other problems.

What is unstable ownership?

A new collaborator has begun publishing package versions. Package stability and security risk may be elevated.

Try to reduce the number of authors you depend on to reduce the risk to malicious actors gaining access to your supply chain. Packages should remove inactive collaborators with publishing rights from packages on npm.

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of ecosystem/package-name@version specifiers. e.g. @SocketSecurity ignore npm/[email protected] or ignore all packages with @SocketSecurity ignore-all

• @SocketSecurity ignore npm/[email protected]
• @SocketSecurity ignore npm/[email protected]
• @SocketSecurity ignore npm/@babel/[email protected]
• @SocketSecurity ignore npm/[email protected]

[github-actions]

Hi everyone, it looks like we lost track of this pull request. Please review and see what the next steps are. This pull request will auto-close in 7 days without an update.

[github-actions]

This pull request was auto-closed due to inactivity. While we wish we could keep working on every request, we unfortunately don't have the bandwidth to continue here and need to focus on other things. You can resubmit this pull request if you would like to continue working on it.