[Snyk] Security upgrade node-sass from 3.3.3 to 3.7.0

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	550/1000 Why? Has a fix available, CVSS 6.5	Out-of-Bounds SNYK-JS-NODESASS-535498	No	No Known Exploit
	550/1000 Why? Has a fix available, CVSS 6.5	NULL Pointer Dereference SNYK-JS-NODESASS-535502	No	No Known Exploit
	619/1000 Why? Has a fix available, CVSS 8.1	Out-of-bounds Read SNYK-JS-NODESASS-540956	No	No Known Exploit
	429/1000 Why? Has a fix available, CVSS 4.3	Out-of-bounds Read SNYK-JS-NODESASS-540958	No	No Known Exploit
	429/1000 Why? Has a fix available, CVSS 4.3	Uncontrolled Recursion SNYK-JS-NODESASS-540964	No	No Known Exploit
	654/1000 Why? Has a fix available, CVSS 8.8	NULL Pointer Dereference SNYK-JS-NODESASS-540974	No	No Known Exploit
	539/1000 Why? Has a fix available, CVSS 6.5	Denial of Service (DoS) SNYK-JS-NODESASS-540978	No	No Known Exploit
	539/1000 Why? Has a fix available, CVSS 6.5	Denial of Service (DoS) SNYK-JS-NODESASS-540980	No	No Known Exploit
	539/1000 Why? Has a fix available, CVSS 6.5	Out-of-bounds Read SNYK-JS-NODESASS-540990	No	No Known Exploit
	429/1000 Why? Has a fix available, CVSS 4.3	NULL Pointer Dereference SNYK-JS-NODESASS-540992	No	No Known Exploit
	539/1000 Why? Has a fix available, CVSS 6.5	NULL Pointer Dereference SNYK-JS-NODESASS-540994	No	No Known Exploit
	619/1000 Why? Has a fix available, CVSS 8.1	Out-of-bounds Read SNYK-JS-NODESASS-540996	No	No Known Exploit
	539/1000 Why? Has a fix available, CVSS 6.5	Out-of-Bounds SNYK-JS-NODESASS-540998	No	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: node-sass

The new version differs by 173 commits.

• 9938557 v3.7.0
• ca05f39 Attempt to fix AppVeyor tag race condition (#1519)
• 6027012 v3.7.0
• e1250eb Add Node 6 config to Travis (#1517)
• 15fe42e Node 6 with AppVeyor: don't use subst for testing (#1514)
• 0bc5da4 Simplify Node versions in Travis Ci (#1500)
• b850684 Replace deprecated npmconf package. (#1492)
• ff17933 Fix final Node 6 deprecation warnings (#1498)
• b0e1e1b Add Node 6 as a supported runtime (#1499)
• 9c71aef Update NAN to at least 2.3.2 (#1496)
• 9de9a47 Remove .only in tests
• c56f4a1 Add supported node versions to readme
• b527e60 Improve error message for unsupported environments (#1491)
• e232674 Replace TODO URL with release tab for supported versions (#1488)
• a405400 v3.6.0
• 3dcb6e2 Bump LibSass to 3.3.6 (#1476)
• ca96aa7 Fix typo
• a4a7aad v3.5.3
• 03bd69e Revert "Replace "request" by "got""
• 7e0c359 v3.5.2
• 40aeee4 Revert removal on npmconf
• d707218 Bump v3.5.1 because npm
• a15f54c Merge pull request #1452 from saper/fix-build
• 4f420a5 Use "double quotes" around the binding file name

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic