Bump postcss and vue-loader in /web

[dependabot[bot]]

Bumps postcss to 8.4.38 and updates ancestor dependency vue-loader. These dependencies need to be updated together.

Updates postcss from 7.0.39 to 8.4.38

Release notes

Sourced from postcss's releases.

8.4.38

• Fixed endIndex: 0 in errors and warnings (by @​romainmenke).

8.4.37

• Fixed original.column are not numbers error in another case.

8.4.36

• Fixed original.column are not numbers error on broken previous source map.

8.4.35

• Avoid ! in node.parent.nodes type.
• Allow to pass undefined to node adding method to simplify types.

8.4.34

• Fixed AtRule#nodes type (by @​tim-we).
• Cleaned up code (by @​DrKiraDmitry).

8.4.33

• Fixed NoWorkResult behavior difference with normal mode (by @​romainmenke).
• Fixed NoWorkResult usage conditions (by @​ahmdammarr).

8.4.32

• Fixed postcss().process() types (by @​ferreira-tb).

8.4.31

• Fixed \r parsing to fix CVE-2023-44270.

8.4.30

• Improved source map performance (by @​romainmenke).

8.4.29

• Fixed Node#source.offset (by @​idoros).
• Fixed docs (by @​coliff).

8.4.28

• Fixed Root.source.end for better source map (by @​romainmenke).
• Fixed Result.root types when process() has no parser.

8.4.27

• Fixed Container clone methods types.

8.4.26

• Fixed clone methods types.

8.4.25

• Improve stringify performance (by @​romainmenke).
• Fixed docs (by @​vikaskaliramna07).

8.4.24

• Fixed Plugin types.

... (truncated)

Changelog

Sourced from postcss's changelog.

8.4.38

• Fixed endIndex: 0 in errors and warnings (by @​romainmenke).

8.4.37

• Fixed original.column are not numbers error in another case.

8.4.36

• Fixed original.column are not numbers error on broken previous source map.

8.4.35

• Avoid ! in node.parent.nodes type.
• Allow to pass undefined to node adding method to simplify types.

8.4.34

• Fixed AtRule#nodes type (by Tim Weißenfels).
• Cleaned up code (by Dmitry Kirillov).

8.4.33

• Fixed NoWorkResult behavior difference with normal mode (by Romain Menke).
• Fixed NoWorkResult usage conditions (by @​ahmdammarr).

8.4.32

• Fixed postcss().process() types (by Andrew Ferreira).

8.4.31

• Fixed \r parsing to fix CVE-2023-44270.

8.4.30

• Improved source map performance (by Romain Menke).

8.4.29

• Fixed Node#source.offset (by Ido Rosenthal).
• Fixed docs (by Christian Oliff).

8.4.28

• Fixed Root.source.end for better source map (by Romain Menke).
• Fixed Result.root types when process() has no parser.

8.4.27

• Fixed Container clone methods types.

8.4.26

• Fixed clone methods types.

8.4.25

• Improve stringify performance (by Romain Menke).
• Fixed docs (by @​vikaskaliramna07).

8.4.24

• Fixed Plugin types.

... (truncated)

Commits

• a69d45e Release 8.4.38 version
• 64e35d9 Update dependencies
• c1ad8fb Merge pull request #1932 from romainmenke/fix-warning-end-index--inventive-nu...
• b45e7e9 fix endIndex
• 1bea246 failing test: for endIndex 0 in rangeBy
• 0fd1d86 Add changelog auto release on Github
• 49c906e Release 8.4.37 version
• b5bd92c Fix another broken prev source map issue
• 2882039 Update dependencies
• e5ad939 Release 8.4.36 version
• Additional commits viewable in compare view

Updates vue-loader from 15.11.1 to 17.4.2

Release notes

Sourced from vue-loader's releases.

v17.3.1

Bug Fixes

• do not skip style post loader for v-bind() in non-scoped CSS (d7071bb), closes #2061

v17.3.0

Bug Fixes

• re-use ident of vue rule for template compiler, fixes #2029 (#2030) (b50fa56)

Features

• skip normal css files without scoped flag in stylePostLoader (#2053) (98782e7)

v17.2.2

Bug Fixes

• fix: windows path for experiments.css by @​h-a-n-a in vuejs/vue-loader#2049

v17.2.1

Features

• A new experimentalInlineMatchResource option (webpack 5 only), which leverages webpack 5's inline matchResource feature in the underlying implementation, and works well with the experiments.css feature This also makes vue-loader compatible with Rspack (#2046) (3149f6d).

Note: v17.2.0 was released by accident; it has the same content as v17.1.2, therefore not included in the Releases page.

v17.1.2

Bug Fixes

• keep build stable when run in a different path (#2040) (a81dc0f)
• properly close the watcher after webpack 4 tests (40b93b9)

v17.1.1

Bug Fixes

• support experimental propsDestructure and defineModel options (6269698)

v17.1.0

Bug Fixes

• fix: reference project compiler, fixes #2031 by @​heywhy in vuejs/vue-loader#2038
• fix: do not throw when Rule.layer is used by @​nolimitdev in vuejs/vue-loader#2000

Features

• support 3.3 imported types hmr (bbd98fc)

Full Changelog: https://github.com/vuejs/vue-loader/compare/v17.0.1...v17.1.0

... (truncated)

Changelog

Sourced from vue-loader's changelog.

17.4.2 (2023-12-30)

Bug Fixes

• pass compilerOptions to sfc parse & re-enable AST reuse (d2a2e05)

17.4.1 (2023-12-30)

Bug Fixes

• (temporarily) disable template ast reuse (31b03af)

17.4.0 (2023-12-25)

Features

• leverage ast reuse in 3.4 (479835f)

17.3.1 (2023-10-31)

Bug Fixes

• do not skip style post loader for v-bind() in CSS (d7071bb), closes #2061

17.3.0 (2023-10-07)

Bug Fixes

• re-use ident of vue rule for template compiler, fixes #2029 (#2030) (b50fa56)

Features

• skip normal css files without scoped flag in stylePostLoader (#2053) (98782e7)

17.2.2 (2023-06-02)

... (truncated)

Commits

• 1c0324f v17.4.2
• d2a2e05 fix: pass compilerOptions to sfc parse & re-enable AST reuse
• 071f30d chore: bump to vue 3.4.3
• 94e778e chore: 17.4.1 changelog
• 284a333 17.4.1
• 31b03af fix: (temporarily) disable template ast reuse
• 50699e6 chore: set compilerOptions in example
• 59a0570 chore: changelog for 17.4.0
• 1bce3f8 v17.4.0
• f71cb1d chore: update caniuse db
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/osm-fr/osmose-frontend/network/alerts).

[dependabot[bot]]

OK, I won't notify you again about this release, but will get in touch when a new version is available.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.