Sass-loader versions 12.4.0 and 12.3.0 are webpack loaders that allow developers to import and process Sass/SCSS files within their JavaScript modules. Both versions share a core set of dependencies like klona and neo-async for internal operations and development dependencies such as jest for testing, eslint for code linting, and webpack itself for integration.
The primary differences lie in their development dependency versions and peer dependency specifications. Version 12.4.0 upgrades several developer tools, most notably @commitlint/cli and @commitlint/config-conventional from version 13.1.0 to 15.0.0 which introduces new features and possibly stricter commit message conventions. Developers who depend heavily on commitlint for their workflow will likely benefit from this upgrade. Furthermore node-sass dependency updates to version 7.0.0.
Peer dependencies also exhibit a change; version 12.4.0 declares node-sass with the addition of version 7.0.0 whereas 12.3.0 supports only up to version 6.0.0. This signifies improved compatibility of sass-loader with node-sass version 7.
For developers considering an upgrade, it's essential to assess the impact of the dependency upgrades, especially @commitlint/cli and @commitlint/config-conventional, and if the node-sass increased compatibility matters for your project. In essence, version 12.4.0 delivers dependency updates and improved compatibility with node-sass v7, contributing to a more modern and robust toolchain for Sass processing within webpack projects.
The are not vulnerabilities for the version 12.4.0 of the package sass-loader
