[Snyk] Upgrade sass from 1.56.1 to 1.93.2

[nejidevelops]

Snyk has created this PR to upgrade sass from 1.56.1 to 1.93.2.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 98 versions ahead of your current version.

• The recommended version was released 22 days ago.

Release notes

Package name: sass

• 1.93.2 - 2025-09-23
  

  To install Sass 1.93.2, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.

  Changes

  • No user-visible changes.

  JavaScript API

  • Fix another error in the release process for @ sass/types.

  See the full changelog for changes in earlier releases.

• 1.93.1 - 2025-09-22
  

  To install Sass 1.93.1, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.

  Changes

  • No user-visible changes.

  JavaScript API

  • Fix an error in the release process for @ sass/types.

  See the full changelog for changes in earlier releases.

• 1.93.0 - 2025-09-19
  

  To install Sass 1.93.0, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.

  Changes

  • Fix a crash when a style rule contains a nested @ import, and the loaded file @ uses a user-defined module as well as @ includes a top-level mixin which emits top-level declarations.

  JavaScript API

  • Release a @ sass/types package which contains the type annotations used by both the sass and sass-embedded package without any additional code or dependencies.

  See the full changelog for changes in earlier releases.

• 1.92.1 - 2025-09-05
  

  To install Sass 1.92.1, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.

  Changes

  • Fix a bug where variable definitions from one imported, forwarded module would not be passed as implicit configuration to a later imported, forwarded module.

  See the full changelog for changes in earlier releases.

• 1.92.0 - 2025-09-02
• 1.91.0 - 2025-08-25
• 1.90.0 - 2025-08-05
• 1.89.2 - 2025-06-09
• 1.89.1 - 2025-05-30
• 1.89.0 - 2025-05-16
• 1.88.0 - 2025-05-10
• 1.87.0 - 2025-04-21
• 1.86.3 - 2025-04-04
• 1.86.2 - 2025-04-02
• 1.86.1 - 2025-03-31
• 1.86.0 - 2025-03-17
• 1.85.1 - 2025-02-25
• 1.85.0 - 2025-02-14
• 1.84.0 - 2025-02-06
• 1.83.4 - 2025-01-14
• 1.83.3 - 2025-01-14
• 1.83.2 - 2025-01-14
• 1.83.1 - 2025-01-04
• 1.83.0 - 2024-12-12
• 1.82.0 - 2024-12-03
• 1.81.1 - 2024-12-03
• 1.81.0 - 2024-11-15
• 1.80.7 - 2024-11-12
• 1.80.6 - 2024-11-01
• 1.80.5 - 2024-10-29
• 1.80.4 - 2024-10-23
• 1.80.3 - 2024-10-18
• 1.80.2 - 2024-10-17
• 1.80.1 - 2024-10-17
• 1.80.0 - 2024-10-17
• 1.79.6 - 2024-10-16
• 1.79.5 - 2024-10-11
• 1.79.4 - 2024-09-28
• 1.79.3 - 2024-09-20
• 1.79.2 - 2024-09-19
• 1.79.1 - 2024-09-18
• 1.79.0 - 2024-09-17
• 1.78.0 - 2024-09-03
• 1.77.8 - 2024-07-11
• 1.77.7 - 2024-07-09
• 1.77.6 - 2024-06-17
• 1.77.5 - 2024-06-11
• 1.77.4 - 2024-05-30
• 1.77.3 - 2024-05-29
• 1.77.2 - 2024-05-16
• 1.77.1 - 2024-05-10
• 1.77.0 - 2024-05-07
• 1.76.0 - 2024-04-30
• 1.75.0 - 2024-04-11
• 1.74.1 - 2024-04-04
• 1.72.0 - 2024-03-13
• 1.71.1 - 2024-02-21
• 1.71.0 - 2024-02-16
• 1.70.0 - 2024-01-18
• 1.69.7 - 2024-01-02
• 1.69.6 - 2023-12-28
• 1.69.5 - 2023-10-26
• 1.69.4 - 2023-10-17
• 1.69.3 - 2023-10-12
• 1.69.2 - 2023-10-10
• 1.69.1 - 2023-10-09
• 1.69.0 - 2023-10-05
• 1.68.0 - 2023-09-21
• 1.67.0 - 2023-09-14
• 1.66.1 - 2023-08-18
• 1.66.0 - 2023-08-17
• 1.65.1 - 2023-08-09
• 1.65.0 - 2023-08-09
• 1.64.2 - 2023-07-31
• 1.64.1 - 2023-07-22
• 1.64.0 - 2023-07-20
• 1.63.6 - 2023-06-21
• 1.63.5 - 2023-06-21
• 1.63.4 - 2023-06-14
• 1.63.3 - 2023-06-09
• 1.63.2 - 2023-06-08
• 1.63.1 - 2023-06-08
• 1.63.0 - 2023-06-07
• 1.62.1 - 2023-04-25
• 1.62.0 - 2023-04-11
• 1.61.0 - 2023-04-06
• 1.60.0 - 2023-03-23
• 1.59.3 - 2023-03-14
• 1.59.2 - 2023-03-11
• 1.59.1 - 2023-03-10
• 1.59.0 - 2023-03-10
• 1.58.3 - 2023-02-18
• 1.58.2 - 2023-02-17
• 1.58.1 - 2023-02-14
• 1.58.0 - 2023-02-01
• 1.57.1 - 2022-12-19
• 1.57.0 - 2022-12-17
• 1.56.2 - 2022-12-08
• 1.56.1 - 2022-11-09

from sass GitHub release notes

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

• 🧐 View latest project report
• 📜 Customise PR templates
• 🛠 Adjust upgrade PR settings
• 🔕 Ignore this dependency or unsubscribe from future upgrade PRs

[gemini-code-assist]

Summary of Changes

Hello @nejidevelops, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request, automatically generated by Snyk, updates the sass dependency in the react-app project from version 1.56.1 to 1.93.2. This significant upgrade aims to ensure the project benefits from the latest features, performance improvements, and security patches in the sass library, contributing to overall project health and maintainability.

Highlights

• Sass Dependency Upgrade: The sass dependency has been significantly upgraded from version 1.56.1 to 1.93.2.
• Package Manager Updates: Both package.json and package-lock.json have been updated to reflect the new sass version and its transitive dependencies.
• New Transitive Dependencies: Several new transitive dependencies have been introduced, including @parcel/watcher (with its platform-specific optional modules), detect-libc, and node-addon-api.
• Internal Dependency Updates for Sass: The sass package's internal dependencies, such as immutable (upgraded from 4.1.0 to 5.1.4), chokidar, and readdirp, have also been updated to newer versions.
• Node.js Engine Requirement: The minimum Node.js engine requirement for the sass package has been raised from >=12.0.0 to >=14.0.0.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This PR, automatically generated by Snyk, upgrades the sass package from 1.56.1 to 1.93.2. This is a substantial update, spanning 98 versions. My review focuses on the potential risks associated with such a large version jump. The key concerns are the major version upgrade of the transitive dependency immutable (from v4 to v5), which includes breaking changes, and the change in the required Node.js version for sass. While the Node.js version is compatible with the project's setup, the immutable upgrade introduces a risk that needs to be considered. I've left a detailed comment on package.json highlighting these risks and advising thorough testing before merging.

[gemini-code-assist]

This pull request upgrades sass by 98 versions, from 1.56.1 to 1.93.2. This is a significant jump that introduces potential risks.

Key points to consider:

• Transitive Dependency Major Upgrade: The sass package has upgraded its immutable dependency from ^4.0.0 to ^5.0.2. immutable v5 is a major new version with breaking changes. Although immutable is not a direct dependency of this project, this change in a transitive dependency could introduce unexpected issues.
• Node.js Version: The required Node.js version for sass has been bumped from >=12.0.0 to >=14.0.0. This project's configuration specifies node >=18.0.0, so it is compatible, but it's a change to be aware of.
• @import Deprecation: Newer versions of Dart Sass are phasing out the @import rule in favor of @use. While @import is still supported in this version, it will likely produce deprecation warnings during compilation. The project's SCSS files should eventually be updated to use @use.

Given the scale of this upgrade, there is a heightened risk of regressions or build failures. Thorough testing of the application's styling and build process is advised before merging.