search

billmcchesney1 / goalert

Open source on-call scheduling, automated escalations, and notifications so you never miss a critical alert
https://goalert.me
Other
0 stars 0 forks source link

chore(deps): update dependency cssnano to v5 - autoclosed #116

Closed mend-for-github-com[bot] closed 8 months ago

mend-for-github-com[bot] commented 1 year ago

This PR contains the following updates:

Package Type Update Change
cssnano devDependencies major 4.1.10 -> 5.0.0

By merging this PR, the below issues will be automatically resolved and closed:

Severity CVSS Score CVE GitHub Issue
High 7.5 CVE-2021-28092 #8
High 7.5 CVE-2021-29059 #18
High 7.5 CVE-2021-3803 #27
High 7.5 WS-2021-0152 #25

Release Notes

cssnano/cssnano (cssnano) ### [`v5.0.0`](https://togithub.com/cssnano/cssnano/releases/tag/cssnano%405.0.0): v5.0.0 [Compare Source](https://togithub.com/cssnano/cssnano/compare/v4.1.11...cssnano@5.0.0) #### Major changes - requires Node >= 10.13 - PostCSS 8 API, so cssnano 5 does not emit warnings when running under PostCSS 8 - updated to SVGO 2, fixing many SVG minification bugs - updated css-value-parser and css-selector-parser, fixing many bugs ##### Upgrade notes If you use the cssnano JavaScript API, you need to change your code: - Replace `cssnano.process()` with `cssnano().process()` (notice the `()` after `cssnano`) - pass cssnano options to `cssnano()` instead of `process()` cssnano(cssnanoOptions).process(postcssOptions) #### Bug fixes - fix improperly discarding `@font-face` declarations [#​726](https://togithub.com/cssnano/cssnano/issues/726) - partially fix some isues where cssnano did not combine rules when used together with `postcss-nested` [#​1004](https://togithub.com/cssnano/cssnano/issues/1004) - fix `translate3d()` minification [#​920](https://togithub.com/cssnano/cssnano/issues/920) - fix minification of values starting with `e` [#​589](https://togithub.com/cssnano/cssnano/issues/958), [#​984](https://togithub.com/cssnano/cssnano/issues/984) - fix minification of percentage vaalues [#​962](https://togithub.com/cssnano/cssnano/issues/962), [#​957](https://togithub.com/cssnano/cssnano/issues/957) - fix minification of `aspect-ratio` [#​963](https://togithub.com/cssnano/cssnano/issues/963) - fix merging of `@supports` rules [#​974](https://togithub.com/cssnano/cssnano/issues/974) - fix sorting of longhand and shorthand properties [#​535](https://togithub.com/cssnano/cssnano/issues/535) - remove vulnerable dependency and always warn with bad SVG input [#​1034](https://togithub.com/cssnano/cssnano/pull/1034) ### [`v4.1.11`](https://togithub.com/cssnano/cssnano/releases/tag/v4.1.11) [Compare Source](https://togithub.com/cssnano/cssnano/compare/v4.1.10...v4.1.11) ### 4.1.11 #### Bug Fixes - fix [CVE-2021-28092](https://nvd.nist.gov/vuln/detail/CVE-2021-28092)