search

Anidetrix / rollup-plugin-styles

🎨 Universal Rollup plugin for styles: PostCSS, Sass, Less, Stylus and more.
https://anidetrix.github.io/rollup-plugin-styles
MIT License
242 stars 43 forks source link

build: cssnano update #171

Closed pioug closed 3 years ago

pioug commented 3 years ago

Hello, I want to update cssnano v5.0.0 since it's fully compatible with PostCSS v8. It has been released a couple hours ago, but it was in rc for a while already.

codecov[bot] commented 3 years ago

Codecov Report

Merging #171 (1fc70a9) into main (e09ac09) will not change coverage. The diff coverage is n/a.

Impacted file tree graph

@@           Coverage Diff           @@
##             main     #171   +/-   ##
=======================================
  Coverage   99.62%   99.62%           
=======================================
  Files          36       36           
  Lines        1069     1069           
  Branches      300      300           
=======================================
  Hits         1065     1065           
  Misses          1        1           
  Partials        3        3

Continue to review full report at Codecov.

Legend - Click here to learn more Ξ” = absolute <relative> (impact), ΓΈ = not affected, ? = missing data Powered by Codecov. Last update e09ac09...1fc70a9. Read the comment docs.

Anidetrix commented 3 years ago

LGTM

rpivo commented 3 years ago

@Anidetrix is it possible for the rollup-plugin-style package version to be bumped now that cssnano v5 is a dependency? It looks like cssnano v4.1.10 depends on postcss v7, which has a security vulnerability per this advisory.

dilyanpalauzov commented 2 years ago

Installing rollup-plugin-styles prints currently

warning rollup-plugin-styles > cssnano > cssnano-preset-default > postcss-svgo > svgo@1.3.2: This SVGO version is no longer supported. Upgrade to v2.x.x.

Releasing a new version of rollup-plugin-styles with cssnano 5 shall hide this warning.

pioug commented 2 years ago

I bought @Anidetrix a coffee in exchange of a release https://Ko-fi.com/home/coffeeshop?txid=7ae7d781-5851-4764-b2c5-84b89b59b9b6&mode=public&img=ogiboughtsomeone. Hopefully, that works πŸ˜‚

pioug commented 2 years ago

I will insist one more time πŸ’¦πŸ’¦ @Anidetrix, can you release an new version of rollup-plugin-styles?

I see many issues/PRs related to updating dependencies: https://github.com/Anidetrix/rollup-plugin-styles/issues/201 https://github.com/Anidetrix/rollup-plugin-styles/issues/188 https://github.com/Anidetrix/rollup-plugin-styles/pull/202 https://github.com/Anidetrix/rollup-plugin-styles/pull/195 https://github.com/Anidetrix/rollup-plugin-styles/pull/181 https://github.com/Anidetrix/rollup-plugin-styles/pull/179

I use this plugin for projects in BandLab, I'll be happy to help you maintain it (doing the chores, updating dependencies, reviews small PRs, etc.) if you invite me on GitHub + npm (https://www.npmjs.com/~pioug).

github-actions[bot] commented 2 years ago

:tada: This PR is included in version 4.0.0 :tada:

The release is available on:

Your semantic-release bot :package::rocket: