vercel[bot]
commented
1 month ago The latest updates on your projects. Learn more about Vercel for Git ↗︎
| Name | Status | Preview | Comments | Updated (UTC) |
|---|---|---|---|---|
| nervos-official-website | ✅ Ready (Inspect) | Visit Preview | 💬 Add feedback | Sep 25, 2024 2:08pm |
This PR contains the following updates:
8.4.38->8.4.39GitHub Vulnerability Alerts
CVE-2023-44270
An issue was discovered in PostCSS before 8.4.31. It affects linters using PostCSS to parse external Cascading Style Sheets (CSS). There may be
\rdiscrepancies, as demonstrated by@font-face{ font:(\r/*);}in a rule.This vulnerability affects linters using PostCSS to parse external untrusted CSS. An attacker can prepare CSS in such a way that it will contains parts parsed by PostCSS as a CSS comment. After processing by PostCSS, it will be included in the PostCSS output in CSS nodes (rules, properties) despite being originally included in a comment.
Release Notes
postcss/postcss (postcss)
### [`v8.4.39`](https://redirect.github.com/postcss/postcss/blob/HEAD/CHANGELOG.md#8439) [Compare Source](https://redirect.github.com/postcss/postcss/compare/8.4.38...8.4.39) - Fixed `CssSyntaxError` types (by [@romainmenke](https://redirect.github.com/romainmenke)).Configuration
📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.