search

skrantzman / DNN_Tailwind

DNN_Tailwind is a powerful theme development platform that allows you to create robust and responsive DNN website themes, all while writing very little css.
https://www.dnntailwind.com
GNU General Public License v3.0
8 stars 0 forks source link

[Snyk] Upgrade tailwindcss from 2.0.3 to 2.0.4 #17

Closed snyk-bot closed 2 years ago

snyk-bot commented 3 years ago

Snyk has created this PR to upgrade tailwindcss from 2.0.3 to 2.0.4.

merge advice :information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version fixes:

Severity Issue PriorityScore (*) Exploit Maturity
Command Injection
SNYK-JS-LODASH-1040724		 467/1000
Why? Proof of Concept exploit, CVSS 7.2		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-LODASH-1018905		 467/1000
Why? Proof of Concept exploit, CVSS 7.2		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-COLORSTRING-1082939		 467/1000
Why? Proof of Concept exploit, CVSS 7.2		 No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: tailwindcss
  • 2.0.4 - 2021-03-17

    Fixed

    • Pass full var(--bg-opacity) value as opacityValue when defining colors as functions (d98f2f8)
  • 2.0.3 - 2021-02-07

    Fixed

    • Ensure sourcemap input is deterministic when using @ apply in Vue components (#3356)
    • Ensure placeholder opacity is consistent across browsers (#3308)
    • Fix issue where theme() didn't work with colors defined as functions (#2919)
    • Enable dark variants by default for color opacity utilities (#2975)

    Added

    • Add support for a tailwind.config.cjs file in Node ESM projects (#3181)
    • Add version comment to Preflight (#3255)
    • Add cursor-help by default (#3199)
from tailwindcss GitHub release notes
Commit messages
Package name: tailwindcss
  • d1c5a64 2.0.4
  • fe98cc3 Pass full opacityValue always
  • af25d51 Update postcss-nested to version 5.0.5
  • 86b0bbc Update all of babel7 to version 7.13.8
  • ea3bd20 Update lodash to version 4.17.21
  • 0b15037 Update eslint to version 7.20.0
  • 8c611a5 Update resolve to version 1.20.0
  • e2fcb92 Update postcss to version 8.2.6
  • bab21b0 Update all of babel7 to version 7.12.13
  • 952fa15 Update fixtures
  • c52d23a Update changelog
Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs