Merge pull request #8 from tsvetlin/fix-immutable-security-vuln

Fix immutable security vulnerability

Upgrades sass from 1.35.1 to 1.98.0 to resolve SNYK-JS-IMMUTABLE-15423650. Also updates CI to Node 20 and GitHub Actions v4. Note: the sass major version jump may introduce deprecation warnings for @import usage in downstream consumers (canvas-lms) — recommend verifying SCSS compilation.

Author: augiethornton

.github/workflows/node.js.yml

@@ -5,9 +5,9 @@ name: Node.js CI
 
 on:
   push:
-    branches: [ master ]
+    branches: [master]
   pull_request:
-    branches: [ master ]
+    branches: [master]
 
 jobs:
   build:
@@ -16,16 +16,13 @@ jobs:
     strategy:
       matrix:
         node-version:
-          - 14.x
-          # - 16.x CANT do 15+ since node-sass doesn't compile there
+          - 20.x
 
     steps:
-    - uses: actions/checkout@v2
-    - name: Use Node.js ${{ matrix.node-version }}
-      uses: actions/setup-node@v2
-      with:
-        node-version: ${{ matrix.node-version }}
-        cache: 'npm'
-    - run: npm i -g npm@latest
-    - run: npm ci --ignore-scipts # avoid "fsevents not accessible from chokidar" error
-    - run: npm test
+      - uses: actions/checkout@v4
+      - name: Use Node.js ${{ matrix.node-version }}
+        uses: actions/setup-node@v4
+        with:
+          node-version: ${{ matrix.node-version }}
+      - run: npm ci --ignore-scripts # avoid "fsevents not accessible from chokidar" error
+      - run: npm test