search

JLHwung / postcss-font-family-system-ui

PostCSS plugin to transform W3C CSS font-family: system-ui to a practical font-family list
Creative Commons Zero v1.0 Universal
94 stars 8 forks source link

fix(deps): update dependency browserslist to v4.16.5 [security] #422

Open renovate[bot] opened 1 year ago

renovate[bot] commented 1 year ago

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
browserslist 4.14.2 -> 4.16.5 age adoption passing confidence

GitHub Vulnerability Alerts

CVE-2021-23364

The package browserslist from 4.0.0 and before 4.16.5 are vulnerable to Regular Expression Denial of Service (ReDoS) during parsing of queries.

Release Notes

browserslist/browserslist (browserslist) ### [`v4.16.5`](https://redirect.github.com/browserslist/browserslist/blob/HEAD/CHANGELOG.md#4165) [Compare Source](https://redirect.github.com/browserslist/browserslist/compare/4.16.4...4.16.5) - Fixed unsafe RegExp (by Yeting Li). ### [`v4.16.4`](https://redirect.github.com/browserslist/browserslist/blob/HEAD/CHANGELOG.md#4164) [Compare Source](https://redirect.github.com/browserslist/browserslist/compare/4.16.3...4.16.4) - Fixed unsafe RegExp. - Added artifactory support to `--update-db` (by Ittai Baratz). ### [`v4.16.3`](https://redirect.github.com/browserslist/browserslist/blob/HEAD/CHANGELOG.md#4163) [Compare Source](https://redirect.github.com/browserslist/browserslist/compare/4.16.2...4.16.3) - Fixed `--update-db`. ### [`v4.16.2`](https://redirect.github.com/browserslist/browserslist/blob/HEAD/CHANGELOG.md#4162) [Compare Source](https://redirect.github.com/browserslist/browserslist/compare/4.16.1...4.16.2) - Fixed `--update-db` (by [@​ialarmedalien](https://redirect.github.com/ialarmedalien)). ### [`v4.16.1`](https://redirect.github.com/browserslist/browserslist/blob/HEAD/CHANGELOG.md#4161) [Compare Source](https://redirect.github.com/browserslist/browserslist/compare/4.16.0...4.16.1) - Fixed Chrome 4 with `mobileToDesktop` (by Aron Woost). ### [`v4.16.0`](https://redirect.github.com/browserslist/browserslist/compare/4.15.0...4.16.0) [Compare Source](https://redirect.github.com/browserslist/browserslist/compare/4.15.0...4.16.0) ### [`v4.15.0`](https://redirect.github.com/browserslist/browserslist/compare/4.14.7...4.15.0) [Compare Source](https://redirect.github.com/browserslist/browserslist/compare/4.14.7...4.15.0) ### [`v4.14.7`](https://redirect.github.com/browserslist/browserslist/blob/HEAD/CHANGELOG.md#4147) [Compare Source](https://redirect.github.com/browserslist/browserslist/compare/4.14.6...4.14.7) - Fixed Yarn Workspaces support to `--update-db` (by Fausto Núñez Alberro). - Added browser changes to `--update-db` (by [@​AleksandrSl](https://redirect.github.com/AleksandrSl)). - Added color output to `--update-db`. - Updated `package.funding` to have link to our Open Collective. ### [`v4.14.6`](https://redirect.github.com/browserslist/browserslist/blob/HEAD/CHANGELOG.md#4146) [Compare Source](https://redirect.github.com/browserslist/browserslist/compare/4.14.5...4.14.6) - Fixed Yarn support in `--update-db` (by Ivan Storck). - Fixed npm 7 support in `--update-db`. ### [`v4.14.5`](https://redirect.github.com/browserslist/browserslist/blob/HEAD/CHANGELOG.md#4145) [Compare Source](https://redirect.github.com/browserslist/browserslist/compare/4.14.4...4.14.5) - Fixed `last 2 electron versions` query (by Sergey Melyukov). ### [`v4.14.4`](https://redirect.github.com/browserslist/browserslist/blob/HEAD/CHANGELOG.md#4144) [Compare Source](https://redirect.github.com/browserslist/browserslist/compare/4.14.3...4.14.4) - Fixed `Unknown version 59 of op_mob` error. ### [`v4.14.3`](https://redirect.github.com/browserslist/browserslist/blob/HEAD/CHANGELOG.md#4143) [Compare Source](https://redirect.github.com/browserslist/browserslist/compare/4.14.2...4.14.3) - Update Firefox ESR.

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

This PR was generated by Mend Renovate. View the repository job log.

renovate[bot] commented 1 year ago

⚠ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

The artifact failure details are included below:

File name: yarn.lock
Unknown Syntax Error: Unsupported option name ("-R").

$ yarn up [-i,--interactive] [-v,--verbose] [-E,--exact] [-T,--tilde] [-C,--caret] ...
renovate[bot] commented 6 months ago

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

The artifact failure details are included below:

File name: yarn.lock
Unknown Syntax Error: Unsupported option name ("-R").

$ yarn up [-i,--interactive] [-v,--verbose] [-E,--exact] [-T,--tilde] [-C,--caret] ...