devrsi0n / chirpy

💬 A privacy-friendly and customizable Disqus (comment system) alternate. A comment system focused on privacy protection and customization.
https://chirpy.dev
GNU Affero General Public License v3.0
555 stars 32 forks

chore(deps): update dependency postcss to v8.4.31 [security] #582

Open renovate[bot] opened 11 months ago

renovate[bot] commented 11 months ago

This PR contains the following updates:

| Package | Change |
|---|---|
| postcss (source) | 8.4.27 -> 8.4.31 |

GitHub Vulnerability Alerts

CVE-2023-44270

An issue was discovered in PostCSS before 8.4.31. It affects linters using PostCSS to parse external Cascading Style Sheets (CSS). There may be `\r` discrepancies, as demonstrated by `@font-face{ font:(\r/*);}` in a rule.

This vulnerability affects linters using PostCSS to parse external untrusted CSS. An attacker can prepare CSS in such a way that it will contain parts parsed by PostCSS as a CSS comment. After processing by PostCSS, it will be included in the PostCSS output in CSS nodes (rules, properties) despite being originally included in a comment.


Release Notes

postcss/postcss (postcss)

### [`v8.4.31`](https://togithub.com/postcss/postcss/blob/HEAD/CHANGELOG.md#8431)

[Compare Source](https://togithub.com/postcss/postcss/compare/8.4.30...8.4.31)

- Fixed `\r` parsing to fix CVE-2023-44270.

### [`v8.4.30`](https://togithub.com/postcss/postcss/blob/HEAD/CHANGELOG.md#8430)

[Compare Source](https://togithub.com/postcss/postcss/compare/8.4.29...8.4.30)

- Improved source map performance (by Romain Menke).

### [`v8.4.29`](https://togithub.com/postcss/postcss/blob/HEAD/CHANGELOG.md#8429)

[Compare Source](https://togithub.com/postcss/postcss/compare/8.4.28...8.4.29)

- Fixed `Node#source.offset` (by Ido Rosenthal).
- Fixed docs (by Christian Oliff).

### [`v8.4.28`](https://togithub.com/postcss/postcss/blob/HEAD/CHANGELOG.md#8428)

[Compare Source](https://togithub.com/postcss/postcss/compare/8.4.27...8.4.28)

- Fixed `Root.source.end` for better source map (by Romain Menke).
- Fixed `Result.root` types when `process()` has no parser.

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.



This PR was generated by Mend Renovate. View the repository job log.
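A check a reviewer can run after merging a bump like this one, given here as an added example that is not part of the PR or of the project's code: it walks a lockfile and reports every installed copy of postcss, nested ones included, that is still older than 8.4.31. It assumes npm's v2/v3 `package-lock.json` layout (a `packages` map keyed by install path); the lockfile excerpt and the package names in it are constructed.

```javascript
// Added example. Constructed lockfile excerpt in npm's v2/v3 "packages" layout (assumption).
const FIXED = "8.4.31"; // first release with the \r parsing fix, per the release notes

const sampleLock = {
  lockfileVersion: 3,
  packages: {
    "": { name: "constructed-app" },
    "node_modules/postcss": { version: "8.4.31" },
    "node_modules/constructed-plugin/node_modules/postcss": { version: "8.4.27" },
    "node_modules/other-tool/node_modules/postcss": { version: "7.0.39" },
    "node_modules/postcss-value-parser": { version: "4.2.0" },
    "node_modules/prerelease-user/node_modules/postcss": { version: "8.4.31-beta.1" },
  },
};

// Parse "major.minor.patch[-prerelease]" into comparable parts.
function parseVersion(v) {
  const m = /^(\d+)\.(\d+)\.(\d+)(-[0-9A-Za-z.-]+)?/.exec(v);
  if (!m) return null;
  return { nums: [Number(m[1]), Number(m[2]), Number(m[3])], pre: Boolean(m[4]) };
}

// True when `version` sorts before `fixed`. Unparseable versions count as
// affected so they get a manual look instead of a silent pass.
function isBefore(version, fixed) {
  const a = parseVersion(version), b = parseVersion(fixed);
  if (!a || !b) return true;
  for (let i = 0; i < 3; i++) {
    if (a.nums[i] !== b.nums[i]) return a.nums[i] < b.nums[i];
  }
  return a.pre && !b.pre; // a pre-release of the fixed version precedes it
}

// Return every installed copy of `name` (top-level or nested) older than `fixed`.
// Matching on the full "node_modules/<name>" suffix skips postcss-value-parser
// and scoped packages that merely end in "/postcss".
function findAffected(lock, name, fixed) {
  const suffix = "node_modules/" + name;
  return Object.entries(lock.packages || {})
    .filter(([path, meta]) =>
      (path === suffix || path.endsWith("/" + suffix)) && meta && meta.version)
    .filter(([, meta]) => isBefore(meta.version, fixed))
    .map(([path, meta]) => ({ path, version: meta.version }));
}

console.log(findAffected(sampleLock, "postcss", FIXED));
```

In the constructed lockfile the top-level copy is at 8.4.31 while three nested copies are still reported, which is the case a direct-dependency bump alone does not cover.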

changeset-bot[bot] commented 11 months ago

⚠️ No Changeset found

Latest commit: 2eb7b3ab0b8336d9baa79026f7f0cd9554ed9523

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets. When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types.

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

vercel[bot] commented 11 months ago

The latest updates on your projects. Learn more about Vercel for Git ↗︎

| Name | Status | Preview | Comments | Updated (UTC) |
|---|---|---|---|---|
| chirpy | ✅ Ready (Inspect) | Visit Preview | 💬 Add feedback | Apr 24, 2024 1:49am |

cypress[bot] commented 11 months ago

4 failed tests on run #2039 ↗︎

4 2 0 1 Flakiness 0

Details:

chore(deps): update dependency postcss to v8.4.31 [security]
Project: chirpy Commit: bb72d9d327
Status: Failed Duration: 02:40 💡
Started: Oct 8, 2023 2:04 AM Ended: Oct 8, 2023 2:07 AM
Failed home/header.spec.ts • 2 failed tests • Cypress Actions

- Header > should show navigation links
- Header > should show user menu

Failed dashboard/project.spec.ts • 1 failed test • Cypress Actions

- Project > should show integration doc

Failed home/index.spec.ts • 1 failed test • Cypress Actions

- Index > main call to actions

Review all test suite changes for PR #582 ↗︎