postcss-selector-namespace
postcss-selector-namespace copied to clipboard
Update dependency postcss to v7.0.36 [SECURITY] - abandoned
This PR contains the following updates:
Package | Change | Age | Adoption | Passing | Confidence |
---|---|---|---|---|---|
postcss (source) | 7.0.17 -> 7.0.36 |
GitHub Vulnerability Alerts
CVE-2021-23368
The npm package postcss
from 7.0.0 and before versions 7.0.36 and 8.2.10 is vulnerable to Regular Expression Denial of Service (ReDoS) during source map parsing.
Release Notes
postcss/postcss
v7.0.36
- Backport ReDoS vulnerabilities from PostCSS 8.
v7.0.35
- Add migration guide link to PostCSS 8 error text.
v7.0.34
- Fix compatibility with
postcss-scss
2.
v7.0.33
- Add error message for PostCSS 8 plugins.
v7.0.32
- Fix error message (by @admosity).
v7.0.31
- Use only the latest source map annotation (by Emmanouil Zoumpoulakis).
v7.0.30
- Fix TypeScript definition (by Natalie Weizenbaum).
v7.0.29
- Update
Processor#version
.
v7.0.28
- Fix TypeScript definition (by Natalie Weizenbaum).
v7.0.27
- Fix TypeScript definition (by Natalie Weizenbaum).
v7.0.26
- Fix TypeScript definition (by Natalie Weizenbaum).
v7.0.25
- Fix absolute path support for Windows (by Tom Raviv).
v7.0.24
- Fix TypeScript definition (by Keith Cirkel).
v7.0.23
- Update
Processor#version
.
v7.0.22
- Add funding link for
npm fund
.
v7.0.21
- Revert passing
nodes
property to node constructor.
v7.0.20
- Allow to pass PostCSS’s nodes in
nodes
property to node constructor.
v7.0.19
- Fix passing
nodes
property to node constructor.
v7.0.18
- Fix TypeScript type definitions (by Jan Buschtöns).
Configuration
📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
- [ ] If you want to rebase/retry this PR, check this box
This PR has been generated by Mend Renovate. View repository job log here.