Diffusion CI System Tooling 63d16727883e

Include a 'sass' compatible tool within the CI Images. While i'd prefer not to…
63d16727883e
Actions

Authored by bcooksley on Dec 25 2018, 3:42 AM.

Description

Include a 'sass' compatible tool within the CI Images. While i'd prefer not to use NPM for this given their security track record over the past 24 months, it would seem that no other options exist that distributions currently package. It looks like dart-sass tends to be the recommended solution for environments needing a 'saas' compatible tool, so if it becomes available we should switchover to that and dump npm. To minimize the security risk posed by use of npm, i've fixated the version of 'saas' we use from NPM.

Ref D17154

Details

Committed

bcooksley

Dec 25 2018, 3:42 AM

Parents

R857:5f962445d71e: Switch to the new syntax (spaces -> tabs).

Branches

Unknown

Tags

Unknown

bcooksley committed R857:63d16727883e: Include a 'sass' compatible tool within the CI Images. While i'd prefer not to… (authored by bcooksley).Dec 25 2018, 3:42 AM

bcooksley mentioned this in D17154: Go back to SCSS.Dec 25 2018, 3:59 AM

Why are you using npm for this? There is sassc which is a compiled binary and doesn't have many dependencies.

Because from what I could see, sassc wasn't available from the OpenSUSE repositories.

In R857:63d16727883e9c9f9d09bdd2bc7163fb386c0a57#3726879, @bcooksley wrote:

Because from what I could see, sassc wasn't available from the OpenSUSE repositories.

Not an openSUSE user, but according to their website, it's available in tumbleweed

https://software.opensuse.org/package/sassc

Correct me if I'm wrong.

sassc is indeed available in openSUSE. I'd avoid using npm if it's possible.

Loading repository data...
Reading installed packages...

S | Name  | Type       | Version   | Arch   | Repository                
--+-------+------------+-----------+--------+---------------------------
  | sassc | package    | 3.5.0-1.4 | x86_64 | openSUSE-20160714-0       
  | sassc | package    | 3.5.0-1.4 | i586   | openSUSE-20160714-0       
  | sassc | srcpackage | 3.5.0-1.4 | noarch | openSUSE-Tumbleweed-Source

This has now been changed in 9e39278074b53852b6d5ed3c1939dba9d48f0f3e