mendix / hybrid-app-base

This repository contains the core files needed to build a Phonegap package for your Mendix application

[Snyk] Upgrade css-loader from 5.2.1 to 5.2.7 #96

Open snyk-bot opened 2 years ago

snyk-bot commented 2 years ago

Snyk has created this PR to upgrade css-loader from 5.2.1 to 5.2.7.

Merge advice: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.


The recommended version fixes:

| Severity | Issue | PriorityScore (*) | Exploit Maturity |
|---|---|---|---|
| | Regular Expression Denial of Service (ReDoS), SNYK-JS-POSTCSS-1255640 | 372/1000. Why? Proof of Concept exploit, CVSS 5.3 | Proof of Concept |

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: css-loader from css-loader GitHub release notes
Commit messages
Package name: css-loader
  • ae98845 chore(release): 5.2.7
  • bb76fe4 fix: fix crash when source map is unavailable with external URL in `@import`
  • adcc438 ci: use `actions/setup-node@v2` (#1323)
  • c7f81eb chore: fix typo (#1318)
  • d31c680 chore(release): 5.2.6
  • 075d9bd fix: always write locals export when css modules/icss enabled (#1315)
  • fa9d4c4 chore(release): 5.2.5
  • 0cf8cde fix: compatibility with named export and es5 (#1314)
  • 8f1a6fc chore: `husky` updated (#1312)
  • 417aaba docs: recommend (#1313)
  • ab92c82 chore: removed `camelCase` package from dependencies (#1311)
  • a3ca8c0 chore(deps): update (#1310)
  • bb2a649 docs: clarify behavior of URL option (#1308)
  • 13b7458 chore(release): 5.2.4
  • e913cb1 fix: do not crash on 'false' aliases (#1292)
  • 2388439 chore(release): 5.2.3
  • 911f02d perf: improve (#1290)
  • 4f10583 chore(release): 5.2.2
  • 0722733 fix: avoid escape nonASCII characters in local names

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
