covidcg icon indicating copy to clipboard operation
covidcg copied to clipboard

Published 20 hours ago verified publisher icon vector-engineering

Bump postcss, autoprefixer, css-loader, cssnano and postcss-loader

Open dependabot[bot] opened this issue 1 year ago • 0 comments

Bumps postcss to 8.4.31 and updates ancestor dependencies postcss, autoprefixer, css-loader, cssnano and postcss-loader. These dependencies need to be updated together.

Updates postcss from 7.0.39 to 8.4.31

Release notes

Sourced from postcss's releases.

8.4.31

  • Fixed \r parsing to fix CVE-2023-44270.

8.4.30

8.4.29

8.4.28

  • Fixed Root.source.end for better source map (by @​romainmenke).
  • Fixed Result.root types when process() has no parser.

8.4.27

  • Fixed Container clone methods types.

8.4.26

  • Fixed clone methods types.

8.4.25

8.4.24

  • Fixed Plugin types.

8.4.23

  • Fixed warnings in TypeDoc.

8.4.22

8.4.21

8.4.20

  • Fixed source map generation for childless at-rules like @layer.

8.4.19

  • Fixed whitespace preserving after AST transformations (by @​romainmenke).

8.4.18

  • Fixed an error on absolute: true with empty sourceContent (by @​KingSora).

8.4.17

8.4.16

... (truncated)

Changelog

Sourced from postcss's changelog.

8.4.31

  • Fixed \r parsing to fix CVE-2023-44270.

8.4.30

  • Improved source map performance (by Romain Menke).

8.4.29

  • Fixed Node#source.offset (by Ido Rosenthal).
  • Fixed docs (by Christian Oliff).

8.4.28

  • Fixed Root.source.end for better source map (by Romain Menke).
  • Fixed Result.root types when process() has no parser.

8.4.27

  • Fixed Container clone methods types.

8.4.26

  • Fixed clone methods types.

8.4.25

8.4.24

  • Fixed Plugin types.

8.4.23

  • Fixed warnings in TypeDoc.

8.4.22

  • Fixed TypeScript support with node16 (by Remco Haszing).

8.4.21

  • Fixed Input#error types (by Aleks Hudochenkov).

8.4.20

  • Fixed source map generation for childless at-rules like @layer.

8.4.19

  • Fixed whitespace preserving after AST transformations (by Romain Menke).

8.4.18

  • Fixed an error on absolute: true with empty sourceContent (by Rene Haas).

8.4.17

  • Fixed Node.before() unexpected behavior (by Romain Menke).
  • Added TOC to docs (by Mikhail Dedov).

8.4.16

... (truncated)

Commits

Updates autoprefixer from 9.7.0 to 10.4.16

Release notes

Sourced from autoprefixer's releases.

10.4.16

10.4.15

10.4.14

  • Improved startup time and reduced JS bundle size (by @​Knagis).

10.4.13

  • Fixed missed prefixes on vendor prefixes in name of CSS Custom Property.

10.4.12

  • Fixed support of unit-less zero angle in backgrounds (by @​yisibl).

10.4.11

  • Fixed text-decoration prefixes by moving to MDN data (by @​romainmenke).

10.4.10

  • Fixed unicode-bidi prefixes by moving to MDN data.

10.4.9

  • Fixed css-unicode-bidi issue from latest Can I Use.

10.4.8

  • Do not print color-adjust warning if print-color-adjust also is in rule.

10.4.7

  • Fixed print-color-adjust support in Firefox.

10.4.6

  • Fixed print-color-adjust support.

10.4.5

10.4.4

  • Fixed package.funding to have same value between all PostCSS packages.

10.4.3

10.4.2

  • Fixed missed -webkit- prefix for width: stretch.

10.4.1

... (truncated)

Changelog

Sourced from autoprefixer's changelog.

10.4.16

  • Improved performance (by Romain Menke).
  • Fixed docs (by Christian Oliff).

10.4.15

  • Fixed ::backdrop prefixes (by 一丝).
  • Fixed docs (by Christian Oliff).

10.4.14

  • Improved startup time and reduced JS bundle size (by Kārlis Gaņģis).

10.4.13

  • Fixed missed prefixes on vendor prefixes in name of CSS Custom Property.

10.4.12

  • Fixed support of unit-less zero angle in backgrounds (by 一丝).

10.4.11

  • Fixed text-decoration prefixes by moving to MDN data (by Romain Menke).

10.4.10

  • Fixed unicode-bidi prefixes by moving to MDN data.

10.4.9

  • Fixed css-unicode-bidi issue from latest Can I Use.

10.4.8

  • Do not print color-adjust warning if print-color-adjust also is in rule.

10.4.7

  • Fixed print-color-adjust support in Firefox.

10.4.6

  • Fixed print-color-adjust support.

10.4.5

10.4.4

  • Fixed package.funding to have same value between all PostCSS packages.

10.4.3

  • Fixed package.funding (by Álvaro Mondéjar).

10.4.2

  • Fixed missed -webkit- prefix for width: stretch.

10.4.1

  • Fixed ::file-selector-button data (by Luke Warlow).

... (truncated)

Commits

Updates css-loader from 3.2.0 to 6.8.1

Release notes

Sourced from css-loader's releases.

v6.8.1

6.8.1 (2023-05-28)

Bug Fixes

  • use cause for original errors and warnings (#1526) (ae3d8ae)

v6.8.0

6.8.0 (2023-05-27)

Features

  • use template literal when it possible to prevent Maximum call stack size exceeded (#1525) (6eb5661)

Bug Fixes

v6.7.4

6.7.4 (2023-05-19)

Bug Fixes

  • bugs in css modules (c3099fb)
  • output warning when built-in CSS support enabled (#1520) (0700ce8)

v6.7.3

6.7.3 (2022-12-14)

Bug Fixes

v6.7.2

6.7.2 (2022-11-13)

Bug Fixes

  • css modules generation with inline syntax (#1480) (2f4c273)

v6.7.1

6.7.1 (2022-03-08)

... (truncated)

Changelog

Sourced from css-loader's changelog.

6.8.1 (2023-05-28)

Bug Fixes

  • use cause for original errors and warnings (#1526) (ae3d8ae)

6.8.0 (2023-05-27)

Features

  • use template literal when it possible to prevent Maximum call stack size exceeded (#1525) (6eb5661)

Bug Fixes

6.7.4 (2023-05-19)

Bug Fixes

  • bugs in css modules (c3099fb)
  • output warning when built-in CSS support enabled (#1520) (0700ce8)

6.7.3 (2022-12-14)

Bug Fixes

6.7.2 (2022-11-13)

Bug Fixes

  • css modules generation with inline syntax (#1480) (2f4c273)

6.7.1 (2022-03-08)

Bug Fixes

6.7.0 (2022-03-04)

... (truncated)

Commits

Updates cssnano from 4.1.10 to 6.0.1

Release notes

Sourced from cssnano's releases.

v6.0.1

Bug Fixes

v6.0.0

Major Changes

  • 99d1e6ab: postcss-normalize-url: remove normalize-url configuration options
  • 4e272f88: postcss-svgo: Upgrade dependency svgo to v3 and increase the minimum supported node version to v14
  • ca9d3f55: Switch minimum supported Node version to 14 for all packages
  • 39a20405: feat!(cssnano): remove undocumented YAML config support

Migration instructions

  • If you're not happy with the defaults for the normalize-url transform, turn it off completely. Options were removed as most would change the meaning of the URL, which is unexpcted in the case of CSS minification.
  • In the unlikely event you're using YAML to configure cssnano, move the cssnano configuration inside the PostCSS config or use a configuration file in CommonJS or JSON format.

v5.1.15

Bug Fixes

  • fix(postcsss-reduce-initial): fix mask-repeat conversion
  • fix(postcss-colormin): don't minify colors in src declarations
  • fix(postcss-merge-rules): do not merge conflicting flex and border properties

v5.1.14

Bug Fixes

  • fix: update autoprefixer and browserslist
  • fix(postcss-reduce-initial): improve initial properties data

v5.1.13

Bug Fixes

v5.1.12

Bug Fixes

v5.1.11

Bug Fixes

  • postcss-ordered-values: preserve constant values (32ab4d9b7d20d)

v5.1.10

Bug Fixes

v5.1.9

Bug Fixes

  • postcss-merge-longhand: preserve more color function fallbacks (712993cb4a4e0)

... (truncated)

Commits
  • 690358c Publish cssnano 6.0.1
  • 0cdcaf7 chore: update postcss-calc to 9.0
  • 2af6687 fix(postcss-reduce-idents): fix line names grid templates
  • eb9a9a1 fix(postcss-merge-rules): do not merge rules with nested rules
  • a580534 test(postcss-merge-rules): test container queries
  • fae4813 chore: update development dependencies
  • 74bd8da chore: update pnpm-lock version
  • 7b68ad7 docs: update website for release (#1486)
  • 10dd3cf chore: update CLI example for 6.0 release (#1485)
  • 8e89938 Publish cssnano 6.0 (#1484)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by ludovicofischer, a new releaser for cssnano since your current version.


Updates postcss-loader from 3.0.0 to 7.3.3

Release notes

Sourced from postcss-loader's releases.

v7.3.3

7.3.3 (2023-06-10)

Bug Fixes

  • perf: avoid using klona for postcss options (#658) (e754c3f)
  • bug with loading configurations after updating cosmiconfig to version 8.2 (684d265)

v7.3.2

7.3.2 (2023-05-28)

Bug Fixes

  • use cause to keep original errors and warnings (#655) (e8873f4)

v7.3.1

7.3.1 (2023-05-26)

Bug Fixes

  • warning and error serialization (65748ec)

v7.3.0

7.3.0 (2023-04-28)

Features

  • use jiti for typescript configurations (#649) (8b876fa)

v7.2.4

7.2.4 (2023-04-04)

Bug Fixes

v7.2.3

7.2.3 (2023-04-03)

Bug Fixes

v7.2.2

... (truncated)

Changelog

Sourced from postcss-loader's changelog.

7.3.3 (2023-06-10)

Bug Fixes

  • perf: avoid using klona for postcss options (#658) (e754c3f)
  • bug with loading configurations after updating cosmiconfig to version 8.2 (684d265)

7.3.2 (2023-05-28)

Bug Fixes

  • use cause to keep original errors and warnings (#655) (e8873f4)

7.3.1 (2023-05-26)

Bug Fixes

  • warning and error serialization (65748ec)

7.3.0 (2023-04-28)

Features

  • use jiti for typescript configurations (#649) (8b876fa)

7.2.4 (2023-04-04)

Bug Fixes

7.2.3 (2023-04-03)

Bug Fixes

7.2.2 (2023-04-03)

Bug Fixes

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by evilebottnawi, a new releaser for postcss-loader since your current version.


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the Security Alerts page.

dependabot[bot] avatar Oct 05 '23 07:10 dependabot[bot]