ui5-webcomponents-sample-react icon indicating copy to clipboard operation
ui5-webcomponents-sample-react copied to clipboard

Published 20 hours ago verified publisher icon SAP-samples

chore(deps): bump the npm_and_yarn at /. security update group with 6 updates

Open dependabot[bot] opened this issue 2 years ago • 0 comments

Bumps the npm_and_yarn at /. security update group with 6 updates:

Package From To
css-loader 1.0.0 6.8.1
optimize-css-assets-webpack-plugin 5.0.1 6.0.1
postcss-flexbugs-fixes 4.1.0 5.0.2
postcss-loader 3.0.0 7.3.3
postcss-preset-env 6.3.1 9.3.0
postcss-safe-parser 4.0.1 7.0.0

Updates css-loader from 1.0.0 to 6.8.1

Release notes

Sourced from css-loader's releases.

v6.8.1

6.8.1 (2023-05-28)

Bug Fixes

  • use cause for original errors and warnings (#1526) (ae3d8ae)

v6.8.0

6.8.0 (2023-05-27)

Features

  • use template literal when it possible to prevent Maximum call stack size exceeded (#1525) (6eb5661)

Bug Fixes

v6.7.4

6.7.4 (2023-05-19)

Bug Fixes

  • bugs in css modules (c3099fb)
  • output warning when built-in CSS support enabled (#1520) (0700ce8)

v6.7.3

6.7.3 (2022-12-14)

Bug Fixes

v6.7.2

6.7.2 (2022-11-13)

Bug Fixes

  • css modules generation with inline syntax (#1480) (2f4c273)

v6.7.1

6.7.1 (2022-03-08)

... (truncated)

Changelog

Sourced from css-loader's changelog.

6.8.1 (2023-05-28)

Bug Fixes

  • use cause for original errors and warnings (#1526) (ae3d8ae)

6.8.0 (2023-05-27)

Features

  • use template literal when it possible to prevent Maximum call stack size exceeded (#1525) (6eb5661)

Bug Fixes

6.7.4 (2023-05-19)

Bug Fixes

  • bugs in css modules (c3099fb)
  • output warning when built-in CSS support enabled (#1520) (0700ce8)

6.7.3 (2022-12-14)

Bug Fixes

6.7.2 (2022-11-13)

Bug Fixes

  • css modules generation with inline syntax (#1480) (2f4c273)

6.7.1 (2022-03-08)

Bug Fixes

6.7.0 (2022-03-04)

... (truncated)

Commits

Updates optimize-css-assets-webpack-plugin from 5.0.1 to 6.0.1

Commits

Updates postcss-flexbugs-fixes from 4.1.0 to 5.0.2

Release notes

Sourced from postcss-flexbugs-fixes's releases.

5.0.2

What's Changed

New Contributors

Full Changelog: https://github.com/luisrudge/postcss-flexbugs-fixes/compare/5.0.0...5.0.2

5.0.0

https://github.com/luisrudge/postcss-flexbugs-fixes/blob/master/CHANGELOG.md

Changelog

Sourced from postcss-flexbugs-fixes's changelog.

5.0.2

  • Moving postcss to peer dependencies #74

5.0.1

  • Adding postcss as dependency #74

5.0.0

  • upgrade to postcss 8 #71

4.2.1

  • Fix calc regex #69

4.2.0

  • Don't change values that reference custom props #64
Commits

Updates postcss-loader from 3.0.0 to 7.3.3

Release notes

Sourced from postcss-loader's releases.

v7.3.3

7.3.3 (2023-06-10)

Bug Fixes

  • perf: avoid using klona for postcss options (#658) (e754c3f)
  • bug with loading configurations after updating cosmiconfig to version 8.2 (684d265)

v7.3.2

7.3.2 (2023-05-28)

Bug Fixes

  • use cause to keep original errors and warnings (#655) (e8873f4)

v7.3.1

7.3.1 (2023-05-26)

Bug Fixes

  • warning and error serialization (65748ec)

v7.3.0

7.3.0 (2023-04-28)

Features

  • use jiti for typescript configurations (#649) (8b876fa)

v7.2.4

7.2.4 (2023-04-04)

Bug Fixes

v7.2.3

7.2.3 (2023-04-03)

Bug Fixes

v7.2.2

... (truncated)

Changelog

Sourced from postcss-loader's changelog.

7.3.3 (2023-06-10)

Bug Fixes

  • perf: avoid using klona for postcss options (#658) (e754c3f)
  • bug with loading configurations after updating cosmiconfig to version 8.2 (684d265)

7.3.2 (2023-05-28)

Bug Fixes

  • use cause to keep original errors and warnings (#655) (e8873f4)

7.3.1 (2023-05-26)

Bug Fixes

  • warning and error serialization (65748ec)

7.3.0 (2023-04-28)

Features

  • use jiti for typescript configurations (#649) (8b876fa)

7.2.4 (2023-04-04)

Bug Fixes

7.2.3 (2023-04-03)

Bug Fixes

7.2.2 (2023-04-03)

Bug Fixes

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by evilebottnawi, a new releaser for postcss-loader since your current version.


Updates postcss-preset-env from 6.3.1 to 9.3.0

Changelog

Sourced from postcss-preset-env's changelog.

9.3.0

October 31, 2023

9.2.0

October 9, 2023

9.1.4

September 18, 2023

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by romainmenke, a new releaser for postcss-preset-env since your current version.


Updates postcss-safe-parser from 4.0.1 to 7.0.0

Changelog

Sourced from postcss-safe-parser's changelog.

Change Log

This project adheres to Semantic Versioning.

7.0

  • Removed Node.js 16, 14, and 12 support.
  • Added Root#source.end.

6.0

  • Removed Node.js 10 support.
  • Moved postcss to peerDependencies.

5.0.2

  • Added funding links.

5.0.1

  • Fixed parsing missed semicolon.

5.0

  • Removed support for Node.js 6.x, 8.x, 11.x, and 13.x versions.
  • Moved to PostCSS 8.0.

4.0.2

  • Fix parsing :;.
Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the Security Alerts page.

dependabot[bot] avatar Nov 21 '23 13:11 dependabot[bot]