C-Lodder / grunt-postcss

Apply several post-processors to your CSS using PostCSS.
MIT License

NPM Error #165

Closed lukas735 closed 4 months ago

lukas735 commented 5 months ago

```
postcss  <8.4.31
Severity: moderate
PostCSS line return parsing error - https://github.com/advisories/GHSA-7fh5-64p2-3v2j
No fix available
node_modules/grunt-postcss/node_modules/postcss
node_modules/postcss
  grunt-postcss  *
  Depends on vulnerable versions of postcss
  node_modules/grunt-postcss
```

I searched in a forum and found out that postcss 8.4.31 doesn't work without vulnerability and just the version 7.0.36 should work, but I don't know which version of grunt-postcss works fine with 7.0.36, so this doesn't help me much. Google also doesn't seem to be helpful.

C-Lodder commented 5 months ago

Hi @lukas735 The path node_modules/grunt-postcss is referring to the old project, which is no longer maintained: https://github.com/nDmitry/grunt-postcss

Please try installing this project as shown here: https://github.com/C-Lodder/grunt-postcss/blob/master/README.md

You'll notice the path is node_modules/@lodder/grunt-postcss

lukas735 commented 5 months ago

This is exactly what I am using, and the problem is in the dependency (postcss) and not in my @lodder/grunt-postcss. Why should I comment here if I am not using this one?

C-Lodder commented 5 months ago

As you said, the issue derives from postcss, which is a peer dependency (not shipped with this plugin) and should be manually installed. Latest release of postcss is 8.4.38, which contains the fix for GHSA-7fh5-64p2-3v2j

lukas735 commented 5 months ago

This is the version that I have.