Sass-loader, a Webpack loader for compiling SCSS/Sass files, saw a few notable adjustments between versions 6.0.1 and 6.0.2. While the core functionality remains consistent, several dependency updates might influence developer workflows and build processes. Async, a utility for asynchronous control flow, was bumped from version 2.0.1 to 2.1.5. Clone-deep, a deep cloning library, was added as a dependency, indicating a potential change in how sass-loader handles data structures internally. Dependency loader-utils was updated from 0.2.15 to 1.0.1.
On the development dependencies front, eslint was updated from 3.15.0 to 3.16.0, webpack-merge jumped from version 2.6.1 to 3.0.0, and webpack-dev-server advanced from 2.3.0 to 2.4.1. These updates likely brought improvements, bug fixes, or new features to the development environment used by sass-loader contributors, potentially impacting local testing and debugging. Developers leveraging webpack-merge in their own projects should verify compatibility. Because there are no big changes in the peer dependencies it's unlikely you'll have any compatibility problems between the two versions, but if you use Webpack version higher than 2 you should stick to the 6.0.2, or if you have any problem with that version you can try to fall back to the 6.0.1
The are not vulnerabilities for the version 6.0.2 of the package sass-loader
