sillsdev / web-languageforge

Language Forge: Online Collaborative Dictionary Building on the Web and Phone.
https://languageforge.org
MIT License
44 stars 29 forks source link

Bump postcss and css-loader #1804

Closed dependabot[bot] closed 6 months ago

dependabot[bot] commented 7 months ago

Bumps postcss to 8.4.38 and updates ancestor dependency css-loader. These dependencies need to be updated together.

Updates postcss from 7.0.39 to 8.4.38

Release notes

Sourced from postcss's releases.

8.4.38

8.4.37

  • Fixed original.column are not numbers error in another case.

8.4.36

  • Fixed original.column are not numbers error on broken previous source map.

8.4.35

  • Avoid ! in node.parent.nodes type.
  • Allow to pass undefined to node adding method to simplify types.

8.4.34

8.4.33

8.4.32

8.4.31

  • Fixed \r parsing to fix CVE-2023-44270.

8.4.30

8.4.29

8.4.28

  • Fixed Root.source.end for better source map (by @​romainmenke).
  • Fixed Result.root types when process() has no parser.

8.4.27

  • Fixed Container clone methods types.

8.4.26

  • Fixed clone methods types.

8.4.25

8.4.24

  • Fixed Plugin types.

... (truncated)

Changelog

Sourced from postcss's changelog.

8.4.38

8.4.37

  • Fixed original.column are not numbers error in another case.

8.4.36

  • Fixed original.column are not numbers error on broken previous source map.

8.4.35

  • Avoid ! in node.parent.nodes type.
  • Allow to pass undefined to node adding method to simplify types.

8.4.34

  • Fixed AtRule#nodes type (by Tim Weißenfels).
  • Cleaned up code (by Dmitry Kirillov).

8.4.33

  • Fixed NoWorkResult behavior difference with normal mode (by Romain Menke).
  • Fixed NoWorkResult usage conditions (by @​ahmdammarr).

8.4.32

  • Fixed postcss().process() types (by Andrew Ferreira).

8.4.31

  • Fixed \r parsing to fix CVE-2023-44270.

8.4.30

  • Improved source map performance (by Romain Menke).

8.4.29

  • Fixed Node#source.offset (by Ido Rosenthal).
  • Fixed docs (by Christian Oliff).

8.4.28

  • Fixed Root.source.end for better source map (by Romain Menke).
  • Fixed Result.root types when process() has no parser.

8.4.27

  • Fixed Container clone methods types.

8.4.26

  • Fixed clone methods types.

8.4.25

8.4.24

  • Fixed Plugin types.

... (truncated)

Commits
  • a69d45e Release 8.4.38 version
  • 64e35d9 Update dependencies
  • c1ad8fb Merge pull request #1932 from romainmenke/fix-warning-end-index--inventive-nu...
  • b45e7e9 fix endIndex
  • 1bea246 failing test: for endIndex 0 in rangeBy
  • 0fd1d86 Add changelog auto release on Github
  • 49c906e Release 8.4.37 version
  • b5bd92c Fix another broken prev source map issue
  • 2882039 Update dependencies
  • e5ad939 Release 8.4.36 version
  • Additional commits viewable in compare view


Updates css-loader from 3.6.0 to 7.1.1

Release notes

Sourced from css-loader's releases.

v7.1.1

7.1.1 (2024-04-10)

Bug Fixes

  • automatically rename class default to _default when named export is enabled (#1590) (d6c31a1)

v7.1.0

7.1.0 (2024-04-08)

Features

  • added the getJSON option to output CSS modules mapping (#1577) (af834b4)

v7.0.0

7.0.0 (2024-04-04)

⚠ BREAKING CHANGES

  • The modules.namedExport option is true by default if you enable the esModule option

Migration guide:

Before:

import style from "./style.css";

console.log(style.myClass);

After:

import * as style from "./style.css";

console.log(style.myClass);

  • The modules.exportLocalsConvention has the value as-is when the modules.namedExport option is true and you don't specify a value
  • Minimum supported webpack version is 5.27.0
  • Minimum supported Node.js version is 18.12.0

Features

  • The modules.namedExports option works fine with any modules.exportLocalsConvention values (f96a110)
  • Added dashed variants for the modules.exportLocalsConvention options (40e1668)

... (truncated)

Changelog

Sourced from css-loader's changelog.

7.1.1 (2024-04-10)

Bug Fixes

  • automatically rename class default to _default when named export is enabled (#1590) (d6c31a1)

7.1.0 (2024-04-08)

Features

  • added the getJSON option to output CSS modules mapping (#1577) (af834b4)

7.0.0 (2024-04-04)

⚠ BREAKING CHANGES

  • The modules.namedExport option is true by default if you enable the esModule option

Migration guide:

Before:

import style from "./style.css";

console.log(style.myClass);

After:

import * as style from "./style.css";

console.log(style.myClass);

To restore 6.x behavior, please use:

module.exports = {
  module: {
    rules: [
      {
        test: /\.css$/i,
        loader: "css-loader",
        options: {
          modules: {
</tr></table> 

... (truncated)

Commits
  • 5c717c9 chore(release): 7.1.1
  • d6c31a1 fix: automatically rename class default to _default when named export is ...
  • b162e25 chore(release): 7.1.0
  • 15f793d docs: update logic (#1587)
  • 9c165a4 docs: update migration guide (#1586)
  • af834b4 feat: added the getJSON option to output CSS modules mapping (#1577)
  • fd18587 chore: husky migration (#1584)
  • 96e6ff4 chore(release): 7.0.0
  • a2231ae test: update
  • f96a110 feat: namedExports works fine with any exportLocalsConvention value
  • Additional commits viewable in compare view


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/sillsdev/web-languageforge/network/alerts).
github-actions[bot] commented 7 months ago

Unit Test Results

362 tests   362 :white_check_mark:  13s :stopwatch:  37 suites    0 :zzz:   1 files      0 :x:

Results for commit a9564442.

dependabot[bot] commented 6 months ago

Looks like these dependencies are no longer updatable, so this is no longer needed.