gulp-sourcemaps / identity-map

Gulp plugin for generating an identity sourcemap for a file.
MIT License

Fix postcss vulnerabilities #11

Open woody-li opened 3 years ago

woody-li commented 3 years ago

The package postcss from 7.0.0 and before 8.2.10 is vulnerable to Regular Expression Denial of Service (ReDoS) during source map parsing.

https://nvd.nist.gov/vuln/detail/CVE-2021-23368

Please update postcss version to fix it.

tommylau-exe commented 3 years ago

Opened a PR to solve: https://github.com/gulp-sourcemaps/identity-map/pull/12.

Only issue is that the CI uses older Node versions (specifically v6 and v8) which aren't supported by PostCSS anymore, since those versions no longer receive security updates.

DmitriyKirakosyan commented 3 years ago

Hi @tommylau-exe, thank you for your PR! Do you have any information regarding the PR status? Will it be merged soon?

tommylau-exe commented 3 years ago

@DmitriyKirakosyan I'm not associated with this project, so I can't say for sure. It's up to the maintainer(s) and whenever they have time to merge the request!