search

hexojs / hexo-asset-pipeline

A hexo plugin to minify/optimize HTML, CSS, JS and images. Supports revisioning of assets.
29 stars 16 forks source link

Bump clean-css from 4.2.3 to 5.1.0 #100

Closed dependabot-preview[bot] closed 3 years ago

dependabot-preview[bot] commented 3 years ago

Bumps clean-css from 4.2.3 to 5.1.0.

Changelog

Sourced from clean-css's changelog.

5.1.0 / 2021-02-18

  • Fixes stripping '%' from inside color functions.
  • Improves tokenization speed by ~30%.
  • Fixed issue #1143 - some missing level 1 value optimizations.

5.0.1 / 2021-01-29

  • Fixed issue #1139 - overriding & merging properties without canOverride set.

5.0.0 / 2021-01-29

  • Adds a way process input files without bundling it into one big output file.
  • Adds level 1 and level 2 optimization plugins.
  • Disables URL rebasing by default.
  • Disables URL unquoting by default.
  • Drops support for Node.js 6 & 8 to support last 3 Node.js releases: 10, 12, and 14.
  • Fixed issue #889 - whitelisted level 1 optimizations.
  • Fixed issue #975 - incorrect block name optimization.
  • Fixed issue #1009 - whitespace around comments.
  • Fixed issue #1021 - allow one- and two-letter property names.
  • Fixed issue #1022 - merging into shorthands new property positioning.
  • Fixed issue #1032 - wrong order of merged shorthands with inherit.
  • Fixed issue #1043 - calc fallback removed within other function.
  • Fixed issue #1045 - non-standard protocol-less URL first slash removed.
  • Fixed issue #1050 - correctly keeps default animation duration if delay is also set.
  • Fixed issue #1053 - treats calc() as first class width value.
  • Fixed issue #1055 - supports 4- and 8-character hex with alpha color notation.
  • Fixed issue #1057 - level 2 optimizations and quoted font family name.
  • Fixed issue #1059 - animation time units as CSS expressions.
  • Fixed issue #1060 - variable removed when shorthand's only value.
  • Fixed issue #1062 - wrong optimization of CSS pseudo-classes with selector list.
  • Fixed issue #1073 - adds support for non-standard rpx units.
  • Fixed issue #1075 - media merging and variables.
  • Fixed issue #1087 - allow units with any case.
  • Fixed issue #1088 - building source maps with source preserved via comments.
  • Fixed issue #1090 - edge case in merging for border and border-image.
  • Fixed issue #1103 - don't allow merging longhand into unset shorthand.
  • Fixed issue #1115 - incorrect multiplex longhand into shorthand merging.
  • Fixed issue #1117 - don't change zero values inside min, max, and clamp functions.
  • Fixed issue #1122 - don't wrap data URI in single quotes.
  • Fixed issue #1125 - quotes stripped from withing @supports clause.
  • Fixed issue #1128 - take variables into account when reordering properties.
  • Fixed issue #1132 - vendor-prefixed classes inside :not().
  • Reworks all level 1 optimizations to conform to plugin style.
Commits
  • 5f4fe15 Version 5.1.0.
  • 12d16d5 Fixes #1143 - some missing level 1 value optimizations.
  • a0e61fe Adds bootstrap v5 as a test fixture.
  • d9ab4b4 Fixes stripping '%' from inside color functions.
  • 10422a3 Add CodeQL Action
  • 91c88ba Switch to GitHub Action CI for Linux and Windows builds
  • 9422451 module-test: fix wrong escape characters
  • b0a8574 tokenize: remove redundant length calls
  • 6297655 Improves tokenization speed by further ~10%.
  • 6d8c725 Improves tokenization speed by ~20%.
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language - `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com): - Update frequency (including time of day and day of week) - Pull request limits (per update run and/or open at any time) - Automerge options (never/patch/minor, and dev/runtime dependencies) - Out-of-range updates (receive only lockfile updates, if desired) - Security updates (receive only security updates, if desired)
dependabot-preview[bot] commented 3 years ago

Superseded by #103.