Bump postcss and css-loader

[dependabot[bot]]

Bumps postcss to 7.0.39 and updates ancestor dependencies postcss and css-loader. These dependencies need to be updated together.

Updates postcss from 7.0.17 to 7.0.39

Release notes

Sourced from postcss's releases.

7.0.39

• Reduce package size.
• Backport nanocolors to picocolors migration.

7.0.38

• Update Processor#version.

7.0.37

• Backport chalk to nanocolors migration.

7.0.36

• Backport ReDoS vulnerabilities from PostCSS 8.

7.0.35

• Add migration guide link to PostCSS 8 error text.

7.0.34

• Fix compatibility with postcss-scss 2.

7.0.33

• Add error message for PostCSS 8 plugins.

7.0.32

• Fix error message (by @​admosity).

7.0.31

• Use only the latest source map annotation (by @​emzoumpo).

7.0.30

• Fix TypeScript definition (by @​nex3)

7.0.29

• Update Processor#version.

7.0.28

• Fix TypeScript definition (by @​nex3).

7.0.27

• Fix TypeScript definition (by @​nex3).

7.0.26

• Fix TypeScript definition (by @​nex3)

7.0.25

• Fix absolute path support for Windows (by @​tomrav)

7.0.24

• Fix TypeScript definition (by @​keithamus).

7.0.23

... (truncated)

Changelog

Sourced from postcss's changelog.

7.0.39

• Reduce package size.
• Backport nanocolors to picocolors migration.

7.0.38

• Update Processor#version.

7.0.37

• Backport chalk to nanocolors migration.

7.0.36

• Backport ReDoS vulnerabilities from PostCSS 8.

7.0.35

• Add migration guide link to PostCSS 8 error text.

7.0.34

• Fix compatibility with postcss-scss 2.

7.0.33

• Add error message for PostCSS 8 plugins.

7.0.32

• Fix error message (by @​admosity).

7.0.31

• Use only the latest source map annotation (by Emmanouil Zoumpoulakis).

7.0.30

• Fix TypeScript definition (by Natalie Weizenbaum).

7.0.29

• Update Processor#version.

7.0.28

• Fix TypeScript definition (by Natalie Weizenbaum).

7.0.27

• Fix TypeScript definition (by Natalie Weizenbaum).

7.0.26

• Fix TypeScript definition (by Natalie Weizenbaum).

7.0.25

• Fix absolute path support for Windows (by Tom Raviv).

7.0.24

• Fix TypeScript definition (by Keith Cirkel).

7.0.23

... (truncated)

Commits

• e17c1ef Release 7.0.39 version
• 6791bd3 Reduce npm package
• 44c581a Replace nanocolors with picocolors
• 8ba21fd Remove eslint-ci
• 3994c4a Release 7.0.38 version
• 6944e1d Remove development keys from package.json
• 4dd0af0 Release 7.0.37 version
• 8408eb4 Add compilation step
• 0c68063 Move tests to GitHub Actions
• 98b61ba Replace chalk to nanocolors
• Additional commits viewable in compare view

Updates postcss from 7.0.5 to 7.0.39

Release notes

Sourced from postcss's releases.

7.0.39

• Reduce package size.
• Backport nanocolors to picocolors migration.

7.0.38

• Update Processor#version.

7.0.37

• Backport chalk to nanocolors migration.

7.0.36

• Backport ReDoS vulnerabilities from PostCSS 8.

7.0.35

• Add migration guide link to PostCSS 8 error text.

7.0.34

• Fix compatibility with postcss-scss 2.

7.0.33

• Add error message for PostCSS 8 plugins.

7.0.32

• Fix error message (by @​admosity).

7.0.31

• Use only the latest source map annotation (by @​emzoumpo).

7.0.30

• Fix TypeScript definition (by @​nex3)

7.0.29

• Update Processor#version.

7.0.28

• Fix TypeScript definition (by @​nex3).

7.0.27

• Fix TypeScript definition (by @​nex3).

7.0.26

• Fix TypeScript definition (by @​nex3)

7.0.25

• Fix absolute path support for Windows (by @​tomrav)

7.0.24

• Fix TypeScript definition (by @​keithamus).

7.0.23

... (truncated)

Changelog

Sourced from postcss's changelog.

7.0.39

• Reduce package size.
• Backport nanocolors to picocolors migration.

7.0.38

• Update Processor#version.

7.0.37

• Backport chalk to nanocolors migration.

7.0.36

• Backport ReDoS vulnerabilities from PostCSS 8.

7.0.35

• Add migration guide link to PostCSS 8 error text.

7.0.34

• Fix compatibility with postcss-scss 2.

7.0.33

• Add error message for PostCSS 8 plugins.

7.0.32

• Fix error message (by @​admosity).

7.0.31

• Use only the latest source map annotation (by Emmanouil Zoumpoulakis).

7.0.30

• Fix TypeScript definition (by Natalie Weizenbaum).

7.0.29

• Update Processor#version.

7.0.28

• Fix TypeScript definition (by Natalie Weizenbaum).

7.0.27

• Fix TypeScript definition (by Natalie Weizenbaum).

7.0.26

• Fix TypeScript definition (by Natalie Weizenbaum).

7.0.25

• Fix absolute path support for Windows (by Tom Raviv).

7.0.24

• Fix TypeScript definition (by Keith Cirkel).

7.0.23

... (truncated)

Commits

• e17c1ef Release 7.0.39 version
• 6791bd3 Reduce npm package
• 44c581a Replace nanocolors with picocolors
• 8ba21fd Remove eslint-ci
• 3994c4a Release 7.0.38 version
• 6944e1d Remove development keys from package.json
• 4dd0af0 Release 7.0.37 version
• 8408eb4 Add compilation step
• 0c68063 Move tests to GitHub Actions
• 98b61ba Replace chalk to nanocolors
• Additional commits viewable in compare view

Updates css-loader from 1.0.0 to 6.7.3

Release notes

Sourced from css-loader's releases.

v6.7.3

6.7.3 (2022-12-14)

Bug Fixes

• remove sourceURL from emitted CSS (#1487) (962924c)

v6.7.2

6.7.2 (2022-11-13)

Bug Fixes

• css modules generation with inline syntax (#1480) (2f4c273)

v6.7.1

6.7.1 (2022-03-08)

Bug Fixes

• defaultGetLocalIdent export (#1427) (74dac1e)

v6.7.0

6.7.0 (2022-03-04)

Features

• re-export defaultGetLocalIdent (#1423) (207cf36)

v6.6.0

6.6.0 (2022-02-02)

Features

• added the hashStrategy option (ca4abce)

v6.5.1

6.5.1 (2021-11-03)

Bug Fixes

• regression with unicode characters in locals (b7a8441)
• runtime path generation (#1393) (feafea8)

v6.5.0

... (truncated)

Changelog

Sourced from css-loader's changelog.

6.7.3 (2022-12-14)

Bug Fixes

• remove sourceURL from emitted CSS (#1487) (962924c)

6.7.2 (2022-11-13)

Bug Fixes

• css modules generation with inline syntax (#1480) (2f4c273)

6.7.1 (2022-03-08)

Bug Fixes

• defaultGetLocalIdent export (#1427) (74dac1e)

6.7.0 (2022-03-04)

Features

• re-export defaultGetLocalIdent (#1423) (207cf36)

6.6.0 (2022-02-02)

Features

• added the hashStrategy option (ca4abce)

6.5.1 (2021-11-03)

Bug Fixes

• regression with unicode characters in locals (b7a8441)
• runtime path generation (#1393) (feafea8)

6.5.0 (2021-10-26)

Features

• support absolute URL in url() when experiments.buildHttp enabled (#1389) (8946be4)

... (truncated)

Commits

• ef749f2 chore(release): 6.7.3
• 36fb945 chore: fix cspell
• 962924c fix: remove sourceURL from emitted CSS (#1487)
• 3f3f302 chore(deps): bump decode-uri-component from 0.2.0 to 0.2.2 (#1486)
• 04ca713 chore: update dependencies to the latest version (#1485)
• 9449827 chore: update styfle/cancel-workflow-action (#1484)
• 6c67af8 chore: add cSpell to check spelling issues (#1482)
• 239b9ac chore(deps): bump loader-utils from 2.0.3 to 2.0.4 (#1481)
• 394d200 chore(release): 6.7.2
• 2f4c273 fix: css modules generation with inline syntax (#1480)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the Security Alerts page.