[Snyk] Security upgrade gatsby-plugin-sass from 2.0.4 to 3.0.0

[jufemaiz]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json
  • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	713/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 6.4	Prototype Pollution SNYK-JS-JSON5-3182856	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: gatsby-plugin-sass

The new version differs by 250 commits.

• f8cc2a3 chore(release): Publish
• ecebdd3 fix(gatsby-plugin-sharp): Add avif to pipeline (#28871) (#28876)
• 3f854ba perf(gatsby-plugin-mdx): Stop clobbering the same file over and over again (#27974) (#28874)
• 0c1c807 fix(create-gatsby) the sessionId is supposed to be the same for the whole duration of the session (#28864) (#28870)
• 6b7c5e7 fix(gatsby-plugin-image): Fix handling of sizes prop in SSR (#28835) (#28867)
• afac774 perf(gatsby-plugin-sharp): change approach to concurrency for image processing (#28575) (#28862)
• f04304e feat(gatsby): Partially release develop SSR to 5% (#28844) (#28859)
• ceeb7d4 fix(gatsby-plugin-sharp): Pass format-specific options in image-data (#28826) (#28853)
• 883d184 feature(gatsby): Extract non-css-in-js css and add add to <head> when SSRing in dev (#28471) (#28856)
• b648728 fix(gatsby-plugin-image): Correct image styles (#28834) (#28854)
• f45ba68 fix(gatsby-plugin-image): Better error logging (#28741) (#28855)
• f19c807 chore(gatsby): enable query on demand (and lazy images) by default for local development (#28787)
• bd6b899 feat(gatsby): use production React for dev-ssr when CI=true (#28728)
• abdb8d6 feat(gatsby-source-graphql): Default Apollo Link fetch wrapper to show better API errors (#28786)
• 3b40d80 feat(gatsby): enable lazy images by default (#28743)
• 968914f chore(release): Publish next
• 5c3931c chore(gatsby): Keep page renderer around (#28784)
• 2058775 feat: Add AVIF image support to beta image plugin (#28742)
• 146b197 fix(gatsby): print childOf directive for implicit child fields (#28483)
• 3af7182 chore(telemetry) improve github action and circle detection (#28732)
• 338ed78 chore(telemetry): add valueBoolean (#28734)
• 4021a57 chore(gatsby-source-graphql): docs on how to use apollo links (#28686)
• 3a51e22 perf(gatsby-source-contentful): dont re-create nodes (#28642)
• 6af620c fix(gatsby-plugin-image): Preload lazy-hydrator (#28690)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Prototype Pollution