search

atom-community / atom

:atom: Community build of the hackable text editor
https://atom-community.github.io/
MIT License
738 stars 30 forks source link

[Snyk] Upgrade postcss from 8.2.10 to 8.4.16 #465

Open snyk-bot opened 2 years ago

snyk-bot commented 2 years ago

Snyk has created this PR to upgrade postcss from 8.2.10 to 8.4.16.

merge advice :information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version fixes:

Severity Issue PriorityScore (*) Exploit Maturity
Regular Expression Denial of Service (ReDoS)
SNYK-JS-POSTCSS-1255640		 586/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 5.3		 Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: postcss
  • 8.4.16 - 2022-08-06
    • Fixed Root AST migration.
  • 8.4.15 - 2022-08-06
    • Fixed AST normalization after using custom parser with old PostCSS AST.
  • 8.4.14 - 2022-05-18
    • Print “old plugin API” warning only if plugin was used (by @ zardoy).
  • 8.4.13 - 2022-04-30
  • 8.4.12 - 2022-03-16
    • Fixed package.funding to have same value between all PostCSS packages.
  • 8.4.11 - 2022-03-15
    • Fixed Declaration#raws.value type.
  • 8.4.10 - 2022-03-15
    • Fixed package.funding URL format.
  • 8.4.9 - 2022-03-15
  • 8.4.8 - 2022-03-07
    • Fixed end position in empty Custom Properties.
  • 8.4.7 - 2022-02-24
    • Fixed Node#warn() type (by @ ybiquitous).
    • Fixed comment removal in values after ,.
  • 8.4.6 - 2022-02-01
  • 8.4.5 - 2021-12-13
  • 8.4.4 - 2021-11-27
  • 8.4.3 - 2021-11-26
  • 8.4.2 - 2021-11-26
  • 8.4.1 - 2021-11-24
  • 8.4.0 - 2021-11-24
  • 8.3.11 - 2021-10-21
  • 8.3.10 - 2021-10-20
  • 8.3.9 - 2021-10-04
  • 8.3.8 - 2021-09-25
  • 8.3.7 - 2021-09-22
  • 8.3.6 - 2021-07-21
  • 8.3.5 - 2021-06-17
  • 8.3.4 - 2021-06-14
  • 8.3.3 - 2021-06-14
  • 8.3.2 - 2021-06-11
  • 8.3.1 - 2021-06-09
  • 8.3.0 - 2021-05-21
  • 8.2.15 - 2021-05-10
  • 8.2.14 - 2021-05-05
  • 8.2.13 - 2021-04-26
  • 8.2.12 - 2021-04-22
  • 8.2.11 - 2021-04-22
  • 8.2.10 - 2021-04-11
from postcss GitHub release notes

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs