web-illinois / toolkit

This library provides styles and web components for creating branded UIUC websites.
18 stars 7 forks source link

Bump postcss and postcss-initial #534

Open dependabot[bot] opened 8 months ago

dependabot[bot] commented 8 months ago

Bumps postcss to 8.4.35 and updates ancestor dependency postcss-initial. These dependencies need to be updated together.

Updates postcss from 8.4.23 to 8.4.35

Release notes

Sourced from postcss's releases.

8.4.35

  • Avoid ! in node.parent.nodes type.
  • Allow to pass undefined to node adding method to simplify types.

8.4.34

8.4.33

8.4.32

8.4.31

  • Fixed \r parsing to fix CVE-2023-44270.

8.4.30

8.4.29

8.4.28

  • Fixed Root.source.end for better source map (by @​romainmenke).
  • Fixed Result.root types when process() has no parser.

8.4.27

  • Fixed Container clone methods types.

8.4.26

  • Fixed clone methods types.

8.4.25

8.4.24

  • Fixed Plugin types.
Changelog

Sourced from postcss's changelog.

8.4.35

  • Avoid ! in node.parent.nodes type.
  • Allow to pass undefined to node adding method to simplify types.

8.4.34

  • Fixed AtRule#nodes type (by Tim Weißenfels).
  • Cleaned up code (by Dmitry Kirillov).

8.4.33

  • Fixed NoWorkResult behavior difference with normal mode (by Romain Menke).
  • Fixed NoWorkResult usage conditions (by @​ahmdammarr).

8.4.32

  • Fixed postcss().process() types (by Andrew Ferreira).

8.4.31

  • Fixed \r parsing to fix CVE-2023-44270.

8.4.30

  • Improved source map performance (by Romain Menke).

8.4.29

  • Fixed Node#source.offset (by Ido Rosenthal).
  • Fixed docs (by Christian Oliff).

8.4.28

  • Fixed Root.source.end for better source map (by Romain Menke).
  • Fixed Result.root types when process() has no parser.

8.4.27

  • Fixed Container clone methods types.

8.4.26

  • Fixed clone methods types.

8.4.25

8.4.24

  • Fixed Plugin types.
Commits


Updates postcss-initial from 3.0.4 to 4.0.1

Changelog

Sourced from postcss-initial's changelog.

4.0.1 (2021-04-14)

4.0.0 (2020-09-29)

[4.0.0] - 2020-09-29

[3.0.3] - 2020-07-14

  • Update deps

3.0.2 (2019-10-31)

[3.0.1] - 2019-08-09

[3.0.0] - 2018-08-16

  • Upgrade PostCSS to 7.0.2. It breaks node@4 support. Thanks to @​ansballard for contribution

[2.0.0] - 2016-05-09

[1.5.3] - 2016-11-30

[1.5.2] - 2016-07-20

Fix rules duplication in case when user added own fallback for rule. See #18. Thanks to @​ChaosExAnima for suggestion and PR.

[1.5.1] - 2016-04-09

Added support of multiple initial values in property. Thanks to @​johnbender for issue and contribution.

[1.5.0] - 2016-03-09

  • Fix some props with inherit values to more specific values. Thnx @​dzhiriki for issue.
  • Update deps

[1.4.1] - 2016-02-05

... (truncated)

Commits


You can trigger a rebase of this PR by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/web-illinois/toolkit/network/alerts).

Note Automatic rebases have been disabled on this pull request as it has been open for over 30 days.