Bump cssnano from 6.0.3 to 6.1.2

dependabot[bot] commented 3 months ago

Bumps cssnano from 6.0.3 to 6.1.2.

Release notes

v6.1.2

Bug Fixes

preserve correct order of gap and column-gap properties

Patch Changes

update autoprefixer

v6.1.1

Patch changes

update selector parser

in the minify font plugin, you can pass a function to determine whether a css variable is one of font, font-family, and font-weight to determine whether the variable needs to remove quotes.

v6.1.0

This release contains a lot of fixes to Browserslist support thanks to @colinrotherham

Features

support Browserslist options in more plugins

support overriding autoprefixer options

Additionally, this release includes improved TypeScript types.

v6.0.5

Bug Fixes

correctly minify font declaration in edge cases

preserve initial property in -webkit-line-clamp

v6.0.4

Bug Fixes

preserve empty @layer declarations

avoid crashing when encountering @layer without any braces afterwards

update to latest lilconfig dependency to avoid vulnerability

Commits

760ba29 Publish cssnano 6.1.2
0ffe067 Update css-declaration-sorter to 7.2.0
0b9ce45 Merge pull request #1589 from cssnano/update-autoprefixer
2f3fb50 chore(cssnano-preset-advanced): update autoprefixer
3282447 Merge pull request #1587 from cssnano/update-dev-deps
0857e15 chore: update development dependencies
7a1cfe3 Merge pull request #1586 from cssnano/update-website
32eebd5 docs: update website dependencies
18206e6 Merge pull request #1585 from cssnano/release-611
d7b4d2b Publish cssnano 6.1.1
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

socket-security[bot] commented 3 months ago

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/cssnano@6.1.2	Transitive: environment, filesystem, network, shell, unsafe	`+65`	10.3 MB	ludovicofischer

🚮 Removed packages: npm/cssnano@6.0.3

View full report↗︎

netlify[bot] commented 3 months ago

Deploy Preview for hopeful-kilby-bb0e86 ready!

Name	Link
Latest commit	998252671c15b23694a0f0fc4c5cd3c54f6d671b
Latest deploy log	https://app.netlify.com/sites/hopeful-kilby-bb0e86/deploys/6605a7af51fb1a0008545975
Deploy Preview	https://deploy-preview-97--hopeful-kilby-bb0e86.netlify.app
Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify site configuration.

ninjulia / becausejulia