node-sass using node-gyp v3.8.0 when v5.0.3 is out is there a reason?
as title.
node-sass seems to be using an old version of node-gyp (which then pulls in old dependencies), but looks like node-gyp is now on v5.0.3.
Can node-sass bump to this version?
https://github.com/sass/node-sass/blob/master/package.json#L67
jasonwilliams
All 13 comments
4.0.0 breaks support for old node.
xzyfer
on 29 Jul 2019
Well, newer node-gyp can use Python3 - which is important when Python2 will be end-of-life at the end of 2019. So you definitely should move on.
jeffrson
on 14 Oct 2019
@xzyfer any plan to upgrade node-gyp 6.0.0? Python2 will be losing support at the end of 2019.
omarlara
on 15 Oct 2019
Yes I'd also like this upgraded, it introduces a file cb-never-called-1.0.1.tgz which throws a malware warning on my antiviruse
jkim7
on 15 Oct 2019
@xzyfer [email protected] requires Node >= 6.0.0. Node 4.x has been EOL since April 2018, and Node 5.x has been EOL since June 2018. If you're concerned about strictly following semver, could you please consider cutting a 5.x release with just a node-gyp bump? The Python 2 dependency is going to start being a very big pain point for many users in the coming months.
mitchellmebane
on 3 Dec 2019
can this be reconsidered?
there's ~two~ three vulnerabilities related to old version. Latest [email protected] uses [email protected] which clears :
LC43
on 18 Dec 2019
What is blocking this from happening other than compatibility things, which can be addressed by what @mitchellmebane said?
qnighy
on 24 Dec 2019
Python 2 is now EOL and the latest versions of node-gyp now support Python 3. Node 8 is also EOL. Would love to see node-sass bump this up.
boggsey
on 2 Jan 2020
Any news here? We're going to drop python2 from Arch Linux in the foreseeable future.
kpcyrd
on 3 Feb 2020
I believe the old node-gyp version is breaking installs, for example I've run a clean docker install and this is causing failures, see this thread
KingOfCramers
on 13 Dec 2020
5.0 has been released with latest node-gyp
xzyfer
on 13 Dec 2020
I believe the old node-gyp version is breaking installs, for example I've run a clean docker install and this is causing failures, see this thread
What makes you think so?
saper
on 21 Dec 2020
I didn't read the full log in the linked issue but there's:
gyp verb check python checking for Python executable "python2" in the PATH
gyp verb `which` failed Error: not found: python2
so it seems the base image that was used dropped the end-of-life python2 binary.
kpcyrd
on 21 Dec 2020
Related issues
WebTerminator
路
3Comments
YepFury
路
4Comments
tjistooshort
路
4Comments
Rudloff
路
3Comments
alexandrubau
路
3Comments
Most helpful comment
@xzyfer [email protected] requires Node >= 6.0.0. Node 4.x has been EOL since April 2018, and Node 5.x has been EOL since June 2018. If you're concerned about strictly following semver, could you please consider cutting a 5.x release with just a node-gyp bump? The Python 2 dependency is going to start being a very big pain point for many users in the coming months.