This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to upgrade tailwindcss from 3.2.4 to 3.4.3.
:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
- The recommended version is **15 versions** ahead of your current version.
- The recommended version was released **a month ago**, on 2024-03-27.
The recommended version fixes:
Severity | Issue | PriorityScore (*) | Exploit Maturity |
:-------------------------:|:-------------------------|-------------------------|:-------------------------
| Regular Expression Denial of Service (ReDoS) [SNYK-JS-SEMVER-3247795](https://snyk.io/vuln/SNYK-JS-SEMVER-3247795) | **482/1000** **Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept
| Regular Expression Denial of Service (ReDoS) [SNYK-JS-SEMVER-3247795](https://snyk.io/vuln/SNYK-JS-SEMVER-3247795) | **482/1000** **Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept
| Uncaught Exception [SNYK-JS-YAML-5458867](https://snyk.io/vuln/SNYK-JS-YAML-5458867) | **482/1000** **Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept
| Regular Expression Denial of Service (ReDoS) [SNYK-JS-WORDWRAP-3149973](https://snyk.io/vuln/SNYK-JS-WORDWRAP-3149973) | **482/1000** **Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept
(*) Note that the real score may have changed since the PR was raised.
Release notes Package name: tailwindcss
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to upgrade tailwindcss from 3.2.4 to 3.4.3.
:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.- The recommended version is **15 versions** ahead of your current version. - The recommended version was released **a month ago**, on 2024-03-27. The recommended version fixes: Severity | Issue | PriorityScore (*) | Exploit Maturity | :-------------------------:|:-------------------------|-------------------------|:------------------------- | Regular Expression Denial of Service (ReDoS)
[SNYK-JS-SEMVER-3247795](https://snyk.io/vuln/SNYK-JS-SEMVER-3247795) | **482/1000**
**Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept | Regular Expression Denial of Service (ReDoS)
[SNYK-JS-SEMVER-3247795](https://snyk.io/vuln/SNYK-JS-SEMVER-3247795) | **482/1000**
**Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept | Uncaught Exception
[SNYK-JS-YAML-5458867](https://snyk.io/vuln/SNYK-JS-YAML-5458867) | **482/1000**
**Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept | Regular Expression Denial of Service (ReDoS)
[SNYK-JS-WORDWRAP-3149973](https://snyk.io/vuln/SNYK-JS-WORDWRAP-3149973) | **482/1000**
**Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept (*) Note that the real score may have changed since the PR was raised.
Release notes
Package name: tailwindcss
Fixed
Fixed
0,0,1
for button and input Preflight rules (#12735)(
,)
,[
or]
in the file path (#12715):has
rules when usingexperimental.optimizeUniversalDefaults
(#12736)mix-blend-plus-darker
utility (#12923)import.meta.url
in config files (#13322)xx-large
and remove doublex-large
absolute size (#13324)@ apply
a class that uses nesting (#13325)important
configuration (#13353)@ apply
works correctly with pseudo elements (#13379)Fixed
calc()
(#12704)class
dark mode strategy (#12717)Added
selector
andvariant
strategies for dark mode (#12717)Changed
rtl
andltr
variants on same element asdir
attribute (#12717)Tailwind CSS v3.4 has arrived! Check out the announcement post for a guided tour through all of the highlights.
Added
svh
,lvh
, anddvh
values to defaultheight
/min-height
/max-height
theme (#11317)has-*
variants for:has(...)
pseudo-class (#11318)text-wrap
utilities includingtext-balance
andtext-pretty
(#11320, #12031)opacity
scale to include all steps of 5 (#11832)html
styles to include shadow DOM:host
pseudo-class (#11200)grid-rows-*
utilities from 1–6 to 1–12 (#12180)size-*
utilities (#12287)min-w-*
,min-h-*
, andmax-w-*
utilities (#12300)forced-color-adjust
utilities (#11931)forced-colors
variant (#11694, #12582)appearance-auto
utility (#12404)float
andclear
utilities (#12480)*
variant for targeting direct children (#12551)Changed
sans
font-family stack (#11748)rtl
,ltr
,forced-colors
, anddark
variants (#12584)@ config
in CSS when watching via the CLI (#12327)resolveConfig
(#12272)font-feature-settings
formono
are included in Preflight (#12342)@ layer
rule (#12508)-
incalc()
expression (#12283)calc()
-like functions (#11686)calc()
normalisation in nestedtheme()
calls (#11705)content
optional for presets in TypeScript types (#11730)too many open files
error (#12079):not(…)
when nested in an at-rule (#12105)Node16
module resolution (#12097)@ apply
(#12112)tailwindcss/nesting
(#12269)jiti
,fast-glob
, andbrowserlist
dependencies (#11550)var
injection for properties that accept a<dashed-ident>
(#12236)theme()
insidecalc()
when there are no spaces around operators (#11157)repeating-conic-gradient
is detected as an image (#11180):is
by default (#11345)group
andpeer
variants (#11454)Added
aria-busy
utility (#10966)Changed
<dialog>
elements in preflight (#11069)to
position of gradient when using implicit transparent colors (#11002)@ tailwindcss/oxide
doesn't leak in the stable engine (#10988)theme(spacing[5])
calls with bracket notation in arbitrary properties work (#11039)Changed
Commit messages
Package name: tailwindcss
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:
🧐 View latest project report
🛠 Adjust upgrade PR settings
🔕 Ignore this dependency or unsubscribe from future upgrade PRs