Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump the npm_and_yarn at /rasp-vue security update group in /rasp-vue with 7 updates #453

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Nov 11, 2023

Bumps the npm_and_yarn at /rasp-vue security update group in /rasp-vue with 7 updates:

Package From To
autoprefixer 7.2.6 10.4.16
css-loader 0.28.11 6.8.1
optimize-css-assets-webpack-plugin 3.2.0 6.0.1
postcss-import 11.1.0 15.1.0
postcss-loader 2.1.6 7.3.3
postcss-url 7.3.2 10.1.3
vue-loader 13.7.3 17.3.1

Updates autoprefixer from 7.2.6 to 10.4.16

Release notes

Sourced from autoprefixer's releases.

10.4.16

10.4.15

10.4.14

  • Improved startup time and reduced JS bundle size (by @​Knagis).

10.4.13

  • Fixed missed prefixes on vendor prefixes in name of CSS Custom Property.

10.4.12

  • Fixed support of unit-less zero angle in backgrounds (by @​yisibl).

10.4.11

  • Fixed text-decoration prefixes by moving to MDN data (by @​romainmenke).

10.4.10

  • Fixed unicode-bidi prefixes by moving to MDN data.

10.4.9

  • Fixed css-unicode-bidi issue from latest Can I Use.

10.4.8

  • Do not print color-adjust warning if print-color-adjust also is in rule.

10.4.7

  • Fixed print-color-adjust support in Firefox.

10.4.6

  • Fixed print-color-adjust support.

10.4.5

10.4.4

  • Fixed package.funding to have same value between all PostCSS packages.

10.4.3

10.4.2

  • Fixed missed -webkit- prefix for width: stretch.

10.4.1

... (truncated)

Changelog

Sourced from autoprefixer's changelog.

10.4.16

  • Improved performance (by Romain Menke).
  • Fixed docs (by Christian Oliff).

10.4.15

  • Fixed ::backdrop prefixes (by 一丝).
  • Fixed docs (by Christian Oliff).

10.4.14

  • Improved startup time and reduced JS bundle size (by Kārlis Gaņģis).

10.4.13

  • Fixed missed prefixes on vendor prefixes in name of CSS Custom Property.

10.4.12

  • Fixed support of unit-less zero angle in backgrounds (by 一丝).

10.4.11

  • Fixed text-decoration prefixes by moving to MDN data (by Romain Menke).

10.4.10

  • Fixed unicode-bidi prefixes by moving to MDN data.

10.4.9

  • Fixed css-unicode-bidi issue from latest Can I Use.

10.4.8

  • Do not print color-adjust warning if print-color-adjust also is in rule.

10.4.7

  • Fixed print-color-adjust support in Firefox.

10.4.6

  • Fixed print-color-adjust support.

10.4.5

10.4.4

  • Fixed package.funding to have same value between all PostCSS packages.

10.4.3

  • Fixed package.funding (by Álvaro Mondéjar).

10.4.2

  • Fixed missed -webkit- prefix for width: stretch.

10.4.1

  • Fixed ::file-selector-button data (by Luke Warlow).

... (truncated)

Commits

Updates css-loader from 0.28.11 to 6.8.1

Release notes

Sourced from css-loader's releases.

v6.8.1

6.8.1 (2023-05-28)

Bug Fixes

  • use cause for original errors and warnings (#1526) (ae3d8ae)

v6.8.0

6.8.0 (2023-05-27)

Features

  • use template literal when it possible to prevent Maximum call stack size exceeded (#1525) (6eb5661)

Bug Fixes

v6.7.4

6.7.4 (2023-05-19)

Bug Fixes

  • bugs in css modules (c3099fb)
  • output warning when built-in CSS support enabled (#1520) (0700ce8)

v6.7.3

6.7.3 (2022-12-14)

Bug Fixes

v6.7.2

6.7.2 (2022-11-13)

Bug Fixes

  • css modules generation with inline syntax (#1480) (2f4c273)

v6.7.1

6.7.1 (2022-03-08)

... (truncated)

Changelog

Sourced from css-loader's changelog.

6.8.1 (2023-05-28)

Bug Fixes

  • use cause for original errors and warnings (#1526) (ae3d8ae)

6.8.0 (2023-05-27)

Features

  • use template literal when it possible to prevent Maximum call stack size exceeded (#1525) (6eb5661)

Bug Fixes

6.7.4 (2023-05-19)

Bug Fixes

  • bugs in css modules (c3099fb)
  • output warning when built-in CSS support enabled (#1520) (0700ce8)

6.7.3 (2022-12-14)

Bug Fixes

6.7.2 (2022-11-13)

Bug Fixes

  • css modules generation with inline syntax (#1480) (2f4c273)

6.7.1 (2022-03-08)

Bug Fixes

6.7.0 (2022-03-04)

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by evilebottnawi, a new releaser for css-loader since your current version.


Updates optimize-css-assets-webpack-plugin from 3.2.0 to 6.0.1

Commits

Updates postcss-import from 11.1.0 to 15.1.0

Release notes

Sourced from postcss-import's releases.

14.0.0 / 2020-12-14

This release should not have breaking changes for the vast majority of users; only those with @charset statements in their CSS may be affected.

  • BREAKING: Error if multiple incompatible @charset statements (#447)
  • BREAKING: Warn if @charset statements are not at the top of files (#447)
  • Fix handing of @charset (#436, #447)

13.0.0 / 2020-10-20

  • BREAKING: Require Node 10+ (#429)
  • BREAKING: Upgrade to postcss v8 and require it as a peerDependency (#427, #432)
  • Update dependencies

12.0.0

Changelog

Sourced from postcss-import's changelog.

15.1.0 / 2022-12-07

  • Add data: URL support (this is not useful for most consumers) (#515)

15.0.1 / 2022-12-01

  • Preserve layer in ignored @imports (#510, #511)
  • Join media queries in the correct order (#512, #513)

15.0.0 / 2022-08-30

  • BREAKING: Require Node.js v14+ (#497)
  • BREAKING: Require nameLayer option for handling anonymous layers (#496)
  • Fix handling of @media queries inside layered imports (#495, #496)

14.1.0 / 2022-03-22

  • Add @layer support (#483)

14.0.2 / 2021-05-10

  • Remove remaining direct import of postcss package (#455, #456)

14.0.1 / 2021-03-31

  • Fix bug with @charset statements in media imports (#448, #453)

14.0.0 / 2020-12-14

This release should not have breaking changes for the vast majority of users; only those with @charset statements in their CSS may be affected.

  • BREAKING: Error if multiple incompatible @charset statements (#447)
  • BREAKING: Warn if @charset statements are not at the top of files (#447)
  • Fix handing of @charset (#436, #447)

13.0.0 / 2020-10-20

  • BREAKING: Require Node 10+ (#429)
  • BREAKING: Upgrade to postcss v8 and require it as a peerDependency (#427, #432)
  • Update dependencies

12.0.1 / 2018-10-22

  • Add plugin property to dependency messages (#379, #380)

12.0.0 - 2018-08-04

Commits

Updates postcss-loader from 2.1.6 to 7.3.3

Release notes

Sourced from postcss-loader's releases.

v7.3.3

7.3.3 (2023-06-10)

Bug Fixes

  • perf: avoid using klona for postcss options (#658) (e754c3f)
  • bug with loading configurations after updating cosmiconfig to version 8.2 (684d265)

v7.3.2

7.3.2 (2023-05-28)

Bug Fixes

  • use cause to keep original errors and warnings (#655) (e8873f4)

v7.3.1

7.3.1 (2023-05-26)

Bug Fixes

  • warning and error serialization (65748ec)

v7.3.0

7.3.0 (2023-04-28)

Features

  • use jiti for typescript configurations (#649) (8b876fa)

v7.2.4

7.2.4 (2023-04-04)

Bug Fixes

v7.2.3

7.2.3 (2023-04-03)

Bug Fixes

v7.2.2

... (truncated)

Changelog

Sourced from postcss-loader's changelog.

7.3.3 (2023-06-10)

Bug Fixes

  • perf: avoid using klona for postcss options (#658) (e754c3f)
  • bug with loading configurations after updating cosmiconfig to version 8.2 (684d265)

7.3.2 (2023-05-28)

Bug Fixes

  • use cause to keep original errors and warnings (#655) (e8873f4)

7.3.1 (2023-05-26)

Bug Fixes

  • warning and error serialization (65748ec)

7.3.0 (2023-04-28)

Features

  • use jiti for typescript configurations (#649) (8b876fa)

7.2.4 (2023-04-04)

Bug Fixes

7.2.3 (2023-04-03)

Bug Fixes

7.2.2 (2023-04-03)

Bug Fixes

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by evilebottnawi, a new releaser for postcss-loader since your current version.


Updates postcss-url from 7.3.2 to 10.1.3

Release notes

Sourced from postcss-url's releases.

10.1.3

Fixed: update mime version

10.1.2

Fixed: tilde operator for dependencies to allow for newer patch version

10.1.1

Fixed: updated mime and xxhashjs versions Fixed: postcss peerDependency version 8.1.2 -> 8.0.0

10.1.0

Fixed: Replaced mkdirp with make-dir (PR#152) Fixed: updated dev dependencies, resolved npm audit issues Fixed: unlock postcss in peerDependecies

10.0.0

Added: support for PostCSS 8 (PR#148) Fixed: path resolution when to/from paths match (PR#136)

9.0.0 - beta - 2019-04-17

Added: async api (PR#134)

8.0.0

Changed: updated postcss 6.0.1 > 7.0.2, postcss-import 10.0.0 > 12.0.0, and required nodejs version (PR#126) Changed: updated mime package

Changelog

Sourced from postcss-url's changelog.

10.1.3 - 2021-03-19

Fixed: update mime version

10.1.2 - 2021-03-19

Fixed: tilde operator for dependencies to allow for newer patch version

10.1.1 - 2020-11-26

Fixed: updated mime and xxhashjs versions Fixed: postcss peerDependency version 8.1.2 -> 8.0.0

10.1.0 - 2020-11-04

Fixed: Replaced mkdirp with make-dir (PR#152) Fixed: updated dev dependencies, resolved npm audit issues

10.0.0 - 2020-10-23

Added: support for PostCSS 8 (PR#148) Fixed: path resolution when to/from paths match (PR#136)

9.0.0 - 2019-04-17

Fixed: Async API Added: support for PostCSS 8

8.0.0 - 2018-08-09

Changed: updated postcss 6.0.1 > 7.0.2, postcss-import 10.0.0 > 12.0.0, and required nodejs version (PR#126) Changed: updated mime package

Commits

Updates vue-loader from 13.7.3 to 17.3.1

Release notes

Sourced from vue-loader's releases.

v17.3.1

Bug Fixes

  • do not skip style post loader for v-bind() in non-scoped CSS (d7071bb), closes #2061

v17.3.0

Bug Fixes

Features

  • skip normal css files without scoped flag in stylePostLoader (#2053) (98782e7)

v17.2.2

Bug Fixes

v17.2.1

Features

  • A new experimentalInlineMatchResource option (webpack 5 only), which leverages webpack 5's inline matchResource feature in the underlying implementation, and works well with the experiments.css feature This also makes vue-loader compatible with Rspack (#2046) (3149f6d).

Note: v17.2.0 was released by accident; it has the same content as v17.1.2, therefore not included in the Releases page.

v17.1.2

Bug Fixes

  • keep build stable when run in a different path (#2040) (a81dc0f)
  • properly close the watcher after webpack 4 tests (40b93b9)

v17.1.1

Bug Fixes

  • support experimental propsDestructure and defineModel options (6269698)

v17.1.0

Bug Fixes

Features

  • support 3.3 imported types hmr (bbd98fc)

Full Changelog: vuejs/vue-loader@v17.0.1...v17.1.0

... (truncated)

Changelog

Sourced from vue-loader's changelog.

17.3.1 (2023-10-31)

Bug Fixes

  • do not skip style post loader for v-bind() in CSS (d7071bb), closes #2061

17.3.0 (2023-10-07)

Bug Fixes

Features

  • skip normal css files without scoped flag in stylePostLoader (#2053) (98782e7)

17.2.2 (2023-06-02)

Bug Fixes

17.2.1 (2023-06-01)

Features

  • A new experimentalInlineMatchResource option (webpack 5 only), which leverages webpack 5's inline match resource feature and works well with the experiments.css feature (#2046) (3149f6d)

Note: v17.2.0 was released by accident, it has the same content as v17.1.2, therefore not included in the changelog.

17.1.2 (2023-05-29)

Bug Fixes

  • keep build stable when run in a different path (#2040) (a81dc0f)
  • properly close the watcher after tests (40b93b9)

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by soda, a new releaser for vue-loader since your current version.


You can trigger a rebase of this PR by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

Bumps the npm_and_yarn at /rasp-vue security update group in /rasp-vue with 7 updates:

| Package | From | To |
| --- | --- | --- |
| [autoprefixer](https://github.com/postcss/autoprefixer) | `7.2.6` | `10.4.16` |
| [css-loader](https://github.com/webpack-contrib/css-loader) | `0.28.11` | `6.8.1` |
| [optimize-css-assets-webpack-plugin](https://github.com/NMFR/optimize-css-assets-webpack-plugin) | `3.2.0` | `6.0.1` |
| [postcss-import](https://github.com/postcss/postcss-import) | `11.1.0` | `15.1.0` |
| [postcss-loader](https://github.com/webpack-contrib/postcss-loader) | `2.1.6` | `7.3.3` |
| [postcss-url](https://github.com/postcss/postcss-url) | `7.3.2` | `10.1.3` |
| [vue-loader](https://github.com/vuejs/vue-loader) | `13.7.3` | `17.3.1` |


Updates `autoprefixer` from 7.2.6 to 10.4.16
- [Release notes](https://github.com/postcss/autoprefixer/releases)
- [Changelog](https://github.com/postcss/autoprefixer/blob/main/CHANGELOG.md)
- [Commits](postcss/autoprefixer@7.2.6...10.4.16)

Updates `css-loader` from 0.28.11 to 6.8.1
- [Release notes](https://github.com/webpack-contrib/css-loader/releases)
- [Changelog](https://github.com/webpack-contrib/css-loader/blob/master/CHANGELOG.md)
- [Commits](webpack-contrib/css-loader@v0.28.11...v6.8.1)

Updates `optimize-css-assets-webpack-plugin` from 3.2.0 to 6.0.1
- [Commits](NMFR/optimize-css-assets-webpack-plugin@v3.2.0...v6.0.1)

Updates `postcss-import` from 11.1.0 to 15.1.0
- [Release notes](https://github.com/postcss/postcss-import/releases)
- [Changelog](https://github.com/postcss/postcss-import/blob/master/CHANGELOG.md)
- [Commits](postcss/postcss-import@11.1.0...15.1.0)

Updates `postcss-loader` from 2.1.6 to 7.3.3
- [Release notes](https://github.com/webpack-contrib/postcss-loader/releases)
- [Changelog](https://github.com/webpack-contrib/postcss-loader/blob/master/CHANGELOG.md)
- [Commits](webpack-contrib/postcss-loader@v2.1.6...v7.3.3)

Updates `postcss-url` from 7.3.2 to 10.1.3
- [Release notes](https://github.com/postcss/postcss-url/releases)
- [Changelog](https://github.com/postcss/postcss-url/blob/master/CHANGELOG.md)
- [Commits](postcss/postcss-url@7.3.2...10.1.3)

Updates `vue-loader` from 13.7.3 to 17.3.1
- [Release notes](https://github.com/vuejs/vue-loader/releases)
- [Changelog](https://github.com/vuejs/vue-loader/blob/main/CHANGELOG.md)
- [Commits](https://github.com/vuejs/vue-loader/commits/v17.3.1)

---
updated-dependencies:
- dependency-name: autoprefixer
  dependency-type: direct:development
- dependency-name: css-loader
  dependency-type: direct:development
- dependency-name: optimize-css-assets-webpack-plugin
  dependency-type: direct:development
- dependency-name: postcss-import
  dependency-type: direct:development
- dependency-name: postcss-loader
  dependency-type: direct:development
- dependency-name: postcss-url
  dependency-type: direct:development
- dependency-name: vue-loader
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Nov 11, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants