Sass-loader is a Webpack loader that allows you to import Sass/SCSS files into your JavaScript modules, enabling you to use Sass preprocessor features within your Webpack builds. Version 7.0.0 brings important changes compared to the previous stable version 6.0.7, particularly in its peer dependency requirements. While both versions share the same core dependencies like pify, neo-async, clone-deep, lodash.tail, and loader-utils, version 7.0.0 now exclusively supports Webpack versions 3 and 4 as peer dependencies (webpack: ^3.0.0 || ^4.0.0). Version 6.0.7 supported Webpack version 2, but this is no longer supported. This is a breaking change for users still on Webpack 2.
The key takeaway for developers is that upgrading to sass-loader 7.0.0 necessitates using Webpack 3 or 4. The node-sass peer dependency is removed in version 7, meaning that any compatible version is accepted, while the version 6.0.7 required a node-sass version greater than 4. This is good for more recent versions of node-sass as the node-sass dependency is often a point of friction. Developers should also note the updated release date, indicating a more recent version with potential bug fixes and improvements. Both versions maintain the MIT license and are authored by J. Tangelder, ensuring consistent licensing terms and authorship. When upgrading, developers should carefully review their Webpack configuration and node-sass version to ensure compatibility and a smooth transition.
The are not vulnerabilities for the version 7.0.0 of the package sass-loader
