search

pixelastic / norska

🏔️ Custom SSG using Pug, Webpack, PostCSS and Tailwind.
https://projects.pixelastic.com/norska/
MIT License
8 stars 0 forks source link

chore(deps): update dependency postcss to v8.2.10 [security] - autoclosed #127

Closed renovate[bot] closed 3 years ago

renovate[bot] commented 3 years ago

WhiteSource Renovate

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
postcss (source) 8.1.10 -> 8.2.10 age adoption passing confidence

GitHub Vulnerability Alerts

CVE-2021-23368

The package postcss from 7.0.0 and before 8.2.10 are vulnerable to Regular Expression Denial of Service (ReDoS) during source map parsing.

Release Notes

postcss/postcss ### [`v8.2.10`](https://togithub.com/postcss/postcss/blob/master/CHANGELOG.md#​8210) [Compare Source](https://togithub.com/postcss/postcss/compare/8.2.9...8.2.10) - Fixed ReDoS vulnerabilities in source map parsing. - Fixed webpack 5 support (by Barak Igal). - Fixed docs (by Roeland Moors). ### [`v8.2.9`](https://togithub.com/postcss/postcss/blob/master/CHANGELOG.md#​829) [Compare Source](https://togithub.com/postcss/postcss/compare/8.2.8...8.2.9) - Exported `NodeErrorOptions` type (by Rouven Weßling). ### [`v8.2.8`](https://togithub.com/postcss/postcss/blob/master/CHANGELOG.md#​828) [Compare Source](https://togithub.com/postcss/postcss/compare/8.2.7...8.2.8) - Fixed browser builds in webpack 4 (by Matt Jones). ### [`v8.2.7`](https://togithub.com/postcss/postcss/blob/master/CHANGELOG.md#​827) [Compare Source](https://togithub.com/postcss/postcss/compare/8.2.6...8.2.7) - Fixed browser builds in webpack 5 (by Matt Jones). ### [`v8.2.6`](https://togithub.com/postcss/postcss/blob/master/CHANGELOG.md#​826) [Compare Source](https://togithub.com/postcss/postcss/compare/8.2.5...8.2.6) - Fixed `Maximum call stack size exceeded` in `Node#toJSON`. - Fixed docs (by inokawa). ### [`v8.2.5`](https://togithub.com/postcss/postcss/blob/master/CHANGELOG.md#​825) [Compare Source](https://togithub.com/postcss/postcss/compare/8.2.4...8.2.5) - Fixed escaped characters handling in `list.split` (by Natalie Weizenbaum). ### [`v8.2.4`](https://togithub.com/postcss/postcss/blob/master/CHANGELOG.md#​824) [Compare Source](https://togithub.com/postcss/postcss/compare/8.2.3...8.2.4) - Added plugin name to `postcss.plugin()` warning (by Tom Williams). - Fixed docs (by Bill Columbia). ### [`v8.2.3`](https://togithub.com/postcss/postcss/blob/master/CHANGELOG.md#​823) [Compare Source](https://togithub.com/postcss/postcss/compare/8.2.2...8.2.3) - Fixed `JSON.stringify(Node[])` support (by Niklas Mischkulnig). ### [`v8.2.2`](https://togithub.com/postcss/postcss/blob/master/CHANGELOG.md#​822) [Compare Source](https://togithub.com/postcss/postcss/compare/8.2.1...8.2.2) - Fixed CSS-in-JS support (by James Garbutt). - Fixed plugin types (by Ludovico Fischer). - Fixed `Result#warn()` types. ### [`v8.2.1`](https://togithub.com/postcss/postcss/blob/master/CHANGELOG.md#​8215) [Compare Source](https://togithub.com/postcss/postcss/compare/8.2.0...8.2.1) - Fixed `list` type definitions (by [@​n19htz](https://togithub.com/n19htz)). ### [`v8.2.0`](https://togithub.com/postcss/postcss/releases/8.2.0) [Compare Source](https://togithub.com/postcss/postcss/compare/8.1.14...8.2.0) Prince Orobas seal PostCSS 8.2 added a new API to serialize and deserialize CSS AST to JSON. ```js import { parse, fromJSON } from 'postcss' let root = parse('a{}', { from: 'input.css' }) let json = root.toJSON() // save to file, send by network, etc let root2 = fromJSON(json) ``` Thanks to [@​mischnic](https://togithub.com/mischnic) for [his work](https://togithub.com/postcss/postcss/pull/1484). ### [`v8.1.14`](https://togithub.com/postcss/postcss/blob/master/CHANGELOG.md#​8114) [Compare Source](https://togithub.com/postcss/postcss/compare/8.1.13...8.1.14) - Fixed parser performance regression. ### [`v8.1.13`](https://togithub.com/postcss/postcss/blob/master/CHANGELOG.md#​8113) [Compare Source](https://togithub.com/postcss/postcss/compare/8.1.12...8.1.13) - Fixed broken AST after moving nodes in visitor API. ### [`v8.1.12`](https://togithub.com/postcss/postcss/blob/master/CHANGELOG.md#​8112) [Compare Source](https://togithub.com/postcss/postcss/compare/8.1.11...8.1.12) - Fixed Autoprefixer regression. ### [`v8.1.11`](https://togithub.com/postcss/postcss/blob/master/CHANGELOG.md#​8111) [Compare Source](https://togithub.com/postcss/postcss/compare/8.1.10...8.1.11) - Added PostCSS update suggestion on unknown event in plugin.

Configuration

📅 Schedule: "" in timezone Europe/Paris.

🚦 Automerge: Enabled.

♻️ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

This PR has been generated by WhiteSource Renovate. View repository job log here.

renovate[bot] commented 3 years ago

Branch automerge failure

This PR was configured for branch automerge, however this is not possible so it has been raised as a PR instead.