hexojs / hexo-asset-pipeline

A hexo plugin to minify/optimize HTML, CSS, JS and images. Supports revisioning of assets.
29 stars 16 forks source link

Bump clean-css from 4.2.3 to 5.1.2 #105

Closed dependabot-preview[bot] closed 3 years ago

dependabot-preview[bot] commented 3 years ago

⚠️ Dependabot Preview has been deactivated ⚠️

This pull request was created by Dependabot Preview, and you've upgraded to Dependabot. This means it won't respond to dependabot commands nor will it be automatically closed if a new version is found.

If you close this pull request, Dependabot will re-create it the next time it checks for updates and everything will work as expected.


Bumps clean-css from 4.2.3 to 5.1.2.

Changelog

Sourced from clean-css's changelog.

5.1.2 / 2021-03-19

  • Fixed issue #996 - space removed from pseudo classes.

5.1.1 / 2021-03-03

  • Fixed issue #1156 - invalid hsl/hsla validation in level 2 optimizations.

5.1.0 / 2021-02-18

  • Fixes stripping '%' from inside color functions.
  • Improves tokenization speed by ~30%.
  • Fixed issue #1143 - some missing level 1 value optimizations.

5.0.1 / 2021-01-29

  • Fixed issue #1139 - overriding & merging properties without canOverride set.

5.0.0 / 2021-01-29

  • Adds a way process input files without bundling it into one big output file.
  • Adds level 1 and level 2 optimization plugins.
  • Disables URL rebasing by default.
  • Disables URL unquoting by default.
  • Drops support for Node.js 6 & 8 to support last 3 Node.js releases: 10, 12, and 14.
  • Fixed issue #889 - whitelisted level 1 optimizations.
  • Fixed issue #975 - incorrect block name optimization.
  • Fixed issue #1009 - whitespace around comments.
  • Fixed issue #1021 - allow one- and two-letter property names.
  • Fixed issue #1022 - merging into shorthands new property positioning.
  • Fixed issue #1032 - wrong order of merged shorthands with inherit.
  • Fixed issue #1043 - calc fallback removed within other function.
  • Fixed issue #1045 - non-standard protocol-less URL first slash removed.
  • Fixed issue #1050 - correctly keeps default animation duration if delay is also set.
  • Fixed issue #1053 - treats calc() as first class width value.
  • Fixed issue #1055 - supports 4- and 8-character hex with alpha color notation.
  • Fixed issue #1057 - level 2 optimizations and quoted font family name.
  • Fixed issue #1059 - animation time units as CSS expressions.
  • Fixed issue #1060 - variable removed when shorthand's only value.
  • Fixed issue #1062 - wrong optimization of CSS pseudo-classes with selector list.
  • Fixed issue #1073 - adds support for non-standard rpx units.
  • Fixed issue #1075 - media merging and variables.
  • Fixed issue #1087 - allow units with any case.
  • Fixed issue #1088 - building source maps with source preserved via comments.

... (truncated)

Commits
  • aa250dd Version 5.1.2.
  • 5d7d6aa Fixes #996 - outstanding issue with spaces removed inside pseudoclasses.
  • ebf9ea7 Bumps web interface to version 5.1.1.
  • 896945f Version 5.1.1.
  • a7cdd76 Fixes #1156 - invalid hsl/hsla validation in level 2 optimizations.
  • 2a03edb Bumps web interface to version 5.1.0.
  • 5f4fe15 Version 5.1.0.
  • 12d16d5 Fixes #1143 - some missing level 1 value optimizations.
  • a0e61fe Adds bootstrap v5 as a test fixture.
  • d9ab4b4 Fixes stripping '%' from inside color functions.
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language - `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com): - Update frequency (including time of day and day of week) - Pull request limits (per update run and/or open at any time) - Automerge options (never/patch/minor, and dev/runtime dependencies) - Out-of-range updates (receive only lockfile updates, if desired) - Security updates (receive only security updates, if desired)
dependabot-preview[bot] commented 3 years ago

OK, I won't notify you again about this release, but will get in touch when a new version is available.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.