search

bonitasoft / bonita-documentation-theme

Dedicated Antora UI Bundle used to produce the Bonita Documentation
https://bonitasoft.github.io/bonita-documentation-theme/
Mozilla Public License 2.0
4 stars 6 forks source link

chore(deps): Bump postcss, @csstools/postcss-sass, autoprefixer, cssnano, gulp-postcss, postcss-calc, postcss-custom-properties, postcss-import and postcss-url #205

Closed dependabot[bot] closed 10 months ago

dependabot[bot] commented 11 months ago

Bumps postcss to 8.4.31 and updates ancestor dependencies postcss, @csstools/postcss-sass, autoprefixer, cssnano, gulp-postcss, postcss-calc, postcss-custom-properties, postcss-import and postcss-url. These dependencies need to be updated together.

Updates postcss from 8.4.25 to 8.4.31

Release notes

Sourced from postcss's releases.

8.4.31

  • Fixed \r parsing to fix CVE-2023-44270.

8.4.30

8.4.29

8.4.28

  • Fixed Root.source.end for better source map (by @​romainmenke).
  • Fixed Result.root types when process() has no parser.

8.4.27

  • Fixed Container clone methods types.

8.4.26

  • Fixed clone methods types.
Changelog

Sourced from postcss's changelog.

8.4.31

  • Fixed \r parsing to fix CVE-2023-44270.

8.4.30

  • Improved source map performance (by Romain Menke).

8.4.29

  • Fixed Node#source.offset (by Ido Rosenthal).
  • Fixed docs (by Christian Oliff).

8.4.28

  • Fixed Root.source.end for better source map (by Romain Menke).
  • Fixed Result.root types when process() has no parser.

8.4.27

  • Fixed Container clone methods types.

8.4.26

  • Fixed clone methods types.
Commits


Updates @csstools/postcss-sass from 4.0.0 to 5.0.1

Release notes

Sourced from @​csstools/postcss-sass's releases.

5.0.1

  • Fixes an issue with import files not being sent for processors to pick up. #31

5.0.0

  • Updated to support PostCSS 8 (breaking)
Changelog

Sourced from @​csstools/postcss-sass's changelog.

5.0.1 (March 8, 2022)

  • Fixes an issue with import files not being sent for processors to pick up. #31

5.0.0 (February 14, 2022)

  • Updated to support PostCSS 8 (breaking)
Commits
Maintainer changes

This version was pushed to npm by alaguna, a new releaser for @​csstools/postcss-sass since your current version.


Updates autoprefixer from 9.7.6 to 10.4.16

Release notes

Sourced from autoprefixer's releases.

10.4.16

10.4.15

10.4.14

  • Improved startup time and reduced JS bundle size (by @​Knagis).

10.4.13

  • Fixed missed prefixes on vendor prefixes in name of CSS Custom Property.

10.4.12

  • Fixed support of unit-less zero angle in backgrounds (by @​yisibl).

10.4.11

  • Fixed text-decoration prefixes by moving to MDN data (by @​romainmenke).

10.4.10

  • Fixed unicode-bidi prefixes by moving to MDN data.

10.4.9

  • Fixed css-unicode-bidi issue from latest Can I Use.

10.4.8

  • Do not print color-adjust warning if print-color-adjust also is in rule.

10.4.7

  • Fixed print-color-adjust support in Firefox.

10.4.6

  • Fixed print-color-adjust support.

10.4.5

10.4.4

  • Fixed package.funding to have same value between all PostCSS packages.

10.4.3

10.4.2

  • Fixed missed -webkit- prefix for width: stretch.

10.4.1

... (truncated)

Changelog

Sourced from autoprefixer's changelog.

10.4.16

  • Improved performance (by Romain Menke).
  • Fixed docs (by Christian Oliff).

10.4.15

  • Fixed ::backdrop prefixes (by 一丝).
  • Fixed docs (by Christian Oliff).

10.4.14

  • Improved startup time and reduced JS bundle size (by Kārlis Gaņģis).

10.4.13

  • Fixed missed prefixes on vendor prefixes in name of CSS Custom Property.

10.4.12

  • Fixed support of unit-less zero angle in backgrounds (by 一丝).

10.4.11

  • Fixed text-decoration prefixes by moving to MDN data (by Romain Menke).

10.4.10

  • Fixed unicode-bidi prefixes by moving to MDN data.

10.4.9

  • Fixed css-unicode-bidi issue from latest Can I Use.

10.4.8

  • Do not print color-adjust warning if print-color-adjust also is in rule.

10.4.7

  • Fixed print-color-adjust support in Firefox.

10.4.6

  • Fixed print-color-adjust support.

10.4.5

10.4.4

  • Fixed package.funding to have same value between all PostCSS packages.

10.4.3

  • Fixed package.funding (by Álvaro Mondéjar).

10.4.2

  • Fixed missed -webkit- prefix for width: stretch.

10.4.1

  • Fixed ::file-selector-button data (by Luke Warlow).

... (truncated)

Commits


Updates cssnano from 4.1.11 to 6.0.1

Release notes

Sourced from cssnano's releases.

v6.0.1

Bug Fixes

v6.0.0

Major Changes

  • 99d1e6ab: postcss-normalize-url: remove normalize-url configuration options
  • 4e272f88: postcss-svgo: Upgrade dependency svgo to v3 and increase the minimum supported node version to v14
  • ca9d3f55: Switch minimum supported Node version to 14 for all packages
  • 39a20405: feat!(cssnano): remove undocumented YAML config support

Migration instructions

  • If you're not happy with the defaults for the normalize-url transform, turn it off completely. Options were removed as most would change the meaning of the URL, which is unexpcted in the case of CSS minification.
  • In the unlikely event you're using YAML to configure cssnano, move the cssnano configuration inside the PostCSS config or use a configuration file in CommonJS or JSON format.

v5.1.15

Bug Fixes

  • fix(postcsss-reduce-initial): fix mask-repeat conversion
  • fix(postcss-colormin): don't minify colors in src declarations
  • fix(postcss-merge-rules): do not merge conflicting flex and border properties

v5.1.14

Bug Fixes

  • fix: update autoprefixer and browserslist
  • fix(postcss-reduce-initial): improve initial properties data

v5.1.13

Bug Fixes

v5.1.12

Bug Fixes

v5.1.11

Bug Fixes

  • postcss-ordered-values: preserve constant values (32ab4d9b7d20d)

v5.1.10

Bug Fixes

v5.1.9

Bug Fixes

  • postcss-merge-longhand: preserve more color function fallbacks (712993cb4a4e0)

... (truncated)

Commits
  • 690358c Publish cssnano 6.0.1
  • 0cdcaf7 chore: update postcss-calc to 9.0
  • 2af6687 fix(postcss-reduce-idents): fix line names grid templates
  • eb9a9a1 fix(postcss-merge-rules): do not merge rules with nested rules
  • a580534 test(postcss-merge-rules): test container queries
  • fae4813 chore: update development dependencies
  • 74bd8da chore: update pnpm-lock version
  • 7b68ad7 docs: update website for release (#1486)
  • 10dd3cf chore: update CLI example for 6.0 release (#1485)
  • 8e89938 Publish cssnano 6.0 (#1484)
  • Additional commits viewable in compare view


Updates gulp-postcss from 8.0.0 to 9.0.1

Release notes

Sourced from gulp-postcss's releases.

9.0.1

  • Bump postcss-load-config to ^3.0.0

9.0.0

  • Bump PostCSS to 8.0
  • Drop Node 6 support
  • PostCSS is now a peer dependency
Commits
  • 70dfabe Release 9.0.1
  • 5d3bf7a Merge pull request #176 from postcss/switch-to-github-workflows
  • 22e8c3a Switch to github workflow for testing
  • a1b8242 Merge pull request #168 from alkorlos/update-dependency-postcss-load-config
  • 1162ef1 update: dependency postcss-load-config
  • a073cf4 Merge pull request #1 from postcss/master
  • 94170d6 Release 9.0.0
  • f3751c8 Merge pull request #162 from m4thieulavoie/chore/postcss-major-bump
  • c0519ac fix: changing node versions
  • 0a013d0 fix: added postcss in devDependencies for testing
  • Additional commits viewable in compare view


Updates postcss-calc from 7.0.5 to 9.0.1

Release notes

Sourced from postcss-calc's releases.

9.0.1

Bug fixes

  • fix disappearing calc() expression when source contains extra brackets (18bb47bd0)

9.0.0

Breaking Changes

This release should be functionally identical to the previous (8.2.4) release, except that it officially drops compatibility with Node older than Node 14.

8.2.3

Bug Fixes

8.2.2

Bug Fixes

  • respect CSS var when reducing (99d9fa5)

8.2.1

Bug Fixes

8.2.0

Features

8.1.0

Features

v8.0.0

8.0.0

  • Breaking: Updated PostCSS from v7.x to v8.x (#125)
Changelog

Sourced from postcss-calc's changelog.

9.0.1 (2023-05-05)

Bug Fixes

  • fix disappearing calc expression when source contains extra brackets (18bb47bd0)

9.0.0 (2023-04-29)

Breaking Changes

  • drop support for Node.js versions before 14

8.2.4 (2022-02-05)

Patch Changes

  • convert source to CommonJS and publish untranspiled code (b55adcb)

8.2.3 (2022-01-28)

Bug Fixes

8.2.2 (2022-01-12)

Bug Fixes

  • respect CSS var when reducing (99d9fa5)

8.2.1 (2022-01-11)

Bug Fixes

8.2.0 (2022-01-07)

Features

8.1.0 (2022-01-03)

Features

8.0.0

... (truncated)

Commits
  • 102ba44 Publish postcss-calc 9.0.1
  • 18bb47b fix: preserve calc when extra parentheses are used (#187)
  • bf8554a fix: remove duplicate 'repository' field (#186)
  • 06f0b8c Publish postcss-calc 9.0
  • 15b7704 BREAKING CHANGE: add Node engines field
  • 0529888 chore: update development dependencies
  • d5f6c68 chore: update TypeScript and selector parser
  • 82e416a test: replace old Node.js versions in CI
  • 60b6a39 chore: update repository link
  • 8f21f03 chore: update dev dependencies
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by ludovicofischer, a new releaser for postcss-calc since your current version.


Updates postcss-custom-properties from 11.0.0 to 13.3.2

Changelog

Sourced from postcss-custom-properties's changelog.

13.3.2

September 24, 2023

13.3.1

September 18, 2023

  • Improve performance

13.3.0

July 24, 2023

13.2.1

July 3, 2023

13.2.0

June 1, 2023

  • Do not generate fallback values when the rule is wrapped in @supports (top: var(--f)).

13.1.5

April 10, 2023

  • Updated @csstools/css-tokenizer to 2.1.1 (patch)
  • Updated @csstools/css-parser-algorithms to 2.1.1 (patch)
  • Updated @csstools/cascade-layer-name-parser to 1.0.2 (patch)

13.1.4

February 21, 2023

  • Fixed: exception on chained variable declarations.

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by romainmenke, a new releaser for postcss-custom-properties since your current version.


Updates postcss-import from 12.0.1 to 15.1.0

Release notes

Sourced from postcss-import's releases.

14.0.0 / 2020-12-14

This release should not have breaking changes for the vast majority of users; only those with @charset statements in their CSS may be affected.

  • BREAKING: Error if multiple incompatible @charset statements (#447)
  • BREAKING: Warn if @charset statements are not at the top of files (#447)
  • Fix handing of @charset (#436, #447)

13.0.0 / 2020-10-20

  • BREAKING: Require Node 10+ (#429)
  • BREAKING: Upgrade to postcss v8 and require it as a peerDependency (#427, #432)
  • Update dependencies
Changelog

Sourced from postcss-import's changelog.

15.1.0 / 2022-12-07

  • Add data: URL support (this is not useful for most consumers) (#515)

15.0.1 / 2022-12-01

  • Preserve layer in ignored @imports (#510, #511)
  • Join media queries in the correct order (#512, #513)

15.0.0 / 2022-08-30

  • BREAKING: Require Node.js v14+ (#497)
  • BREAKING: Require nameLayer option for handling anonymous layers (#496)
  • Fix handling of @media queries inside layered imports (#495, #496)

14.1.0 / 2022-03-22

  • Add @layer support (#483)

14.0.2 / 2021-05-10

  • Remove remaining direct import of postcss package (#455, #456)

14.0.1 / 2021-03-31

  • Fix bug with @charset statements in media imports (#448, #453)

14.0.0 / 2020-12-14

This release should not have breaking changes for the vast majority of users; only those with @charset statements in their CSS may be affected.

  • BREAKING: Error if multiple incompatible @charset statements (#447)
  • BREAKING: Warn if @charset statements are not at the top of files (#447)
  • Fix handing of @charset (#436, #447)

13.0.0 / 2020-10-20

  • BREAKING: Require Node 10+ (#429)
  • BREAKING: Upgrade to postcss v8 and require it as a peerDependency (#427, #432)
  • Update dependencies
Commits


Updates postcss-url from 8.0.0 to 10.1.3

Release notes

Sourced from postcss-url's releases.

10.1.3

Fixed: update mime version

10.1.2

Fixed: tilde operator for dependencies to allow for newer patch version

10.1.1

Fixed: updated mime and xxhashjs versions Fixed: postcss peerDependency version 8.1.2 -> 8.0.0

10.1.0

Fixed: Replaced mkdirp with make-dir (PR#152) Fixed: updated dev dependencies, resolved npm audit issues Fixed: unlock postcss in peerDependecies

10.0.0

Added: support for PostCSS 8 (PR#148) Fixed: path resolution when to/from paths match (PR#136)

9.0.0 - beta - 2019-04-17

Added: async api (PR#134)

Changelog

Sourced from postcss-url's changelog.

10.1.3 - 2021-03-19

Fixed: update mime version

10.1.2 - 2021-03-19

Fixed: tilde operator for dependencies to allow for newer patch version

10.1.1 - 2020-11-26

Fixed: updated mime and xxhashjs versions Fixed: postcss peerDependency version 8.1.2 -> 8.0.0

10.1.0 - 2020-11-04

Fixed: Replaced mkdirp with make-dir (PR#152) Fixed: updated dev dependencies, resolved npm audit issues

10.0.0 - 2020-10-23

Added: support for PostCSS 8 (PR#148) Fixed: path resolution when to/from paths match (PR#136)

9.0.0 - 2019-04-17

Fixed: Async API Added: support for PostCSS 8

Commits


You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/bonitasoft/bonita-documentation-theme/network/alerts).

Note Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

sonarcloud[bot] commented 11 months ago

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
0.0% 0.0% Duplication

benjaminParisel commented 10 months ago

@dependabot rebase

dependabot[bot] commented 10 months ago

Looks like these dependencies are updatable in another way, so this is no longer needed.