Bumps postcss to 8.5.15 and updates ancestor dependency css-loader. These dependencies need to be updated together.
Updates postcss from 6.0.23 to 8.5.15
Release notes
Sourced from postcss's releases.
8.5.15
- Fixed declaration parsing performance (by
@homanp).
8.5.14
- Fixed custom syntax regression (by
@43081j).
8.5.13
- Fixed
postcss-scss commend regression.
8.5.12
- Fixed reading any file via user-generated CSS.
- Added
opts.unsafeMap to disable checks.
8.5.11
- Fixed nested brackets parsing performance (by
@offset).
8.5.10
- Fixed XSS via unescaped
</style> in non-bundler cases (by @TharVid).
8.5.9
- Speed up source map encoding paring in case of the error.
8.5.8
8.5.7
- Improved source map annotation cleaning performance (by CodeAnt AI).
8.5.6
- Fixed
ContainerWithChildren type discriminating (by @Goodwine).
8.5.5
- Fixed
package.json→exports compatibility with some tools (by @JounQin).
8.5.4
8.5.3
8.5.2
8.5.1
- Fixed backwards compatibility for complex cases (by
@romainmenke).
8.5 "Duke Alloces"
... (truncated)
Changelog
Sourced from postcss's changelog.
8.5.15
- Fixed declaration parsing performance (by
@homanp).
8.5.14
- Fixed custom syntax regression (by
@43081j).
8.5.13
- Fixed
postcss-scss commend regression.
8.5.12
- Fixed reading any file via user-generated CSS.
- Added
opts.unsafeMap to disable checks.
8.5.11
- Fixed nested brackets parsing performance (by
@offset).
8.5.10
- Fixed XSS via unescaped
</style> in non-bundler cases (by @TharVid).
8.5.9
- Speed up source map encoding paring in case of the error.
8.5.8
8.5.7
- Improved source map annotation cleaning performance (by CodeAnt AI).
8.5.6
- Fixed
ContainerWithChildren type discriminating (by @Goodwine).
8.5.5
- Fixed
package.json→exports compatibility with some tools (by @JounQin).
8.5.4
8.5.3
... (truncated)
Commits
eae46db Release 8.5.15 version79508ff Update CI actionsb128e21 Speed up declaration parsing by avoiding creating new array on each token9825dca Fix code format55789c8 Update dependencies84fbbe9 Install older pnpm action for old Node.js9f860bd Revert pnpm action for old Node.js0877198 Update CI actionsb2d1a33 Fix linter warnings0700dac Merge pull request #2088 from rootvector2/add-oss-fuzz-harness- Additional commits viewable in compare view
Updates css-loader from 0.28.11 to 7.1.4
Release notes
Sourced from css-loader's releases.
v7.1.4
7.1.4 (2026年02月16日)
Bug Fixes
- update peer dependency for
@rspack/core v2 (#1652) (aeddefe)
v7.1.3
7.1.3 (2026年01月27日)
Bug Fixes
v7.1.2
7.1.2 (2024年05月22日)
Bug Fixes
- keep order of
@imports with the webpackIgnore comment (#1600) (76757ef)
v7.1.1
7.1.1 (2024年04月10日)
Bug Fixes
- automatically rename class
default to _default when named export is enabled (#1590) (d6c31a1)
v7.1.0
7.1.0 (2024年04月08日)
Features
- added the
getJSON option to output CSS modules mapping (#1577) (af834b4)
v7.0.0
7.0.0 (2024年04月04日)
⚠ BREAKING CHANGES
- The
modules.namedExport option is true by default if you enable the esModule option
... (truncated)
Changelog
Sourced from css-loader's changelog.
7.1.4 (2026年02月16日)
Bug Fixes
- update peer dependency for
@rspack/core v2 (#1652) (aeddefe)
7.1.3 (2026年01月27日)
Bug Fixes
7.1.2 (2024年05月22日)
Bug Fixes
- keep order of
@imports with the webpackIgnore comment (#1600) (76757ef)
7.1.1 (2024年04月10日)
Bug Fixes
- automatically rename class
default to _default when named export is enabled (#1590) (d6c31a1)
7.1.0 (2024年04月08日)
Features
- added the
getJSON option to output CSS modules mapping (#1577) (af834b4)
7.0.0 (2024年04月04日)
⚠ BREAKING CHANGES
- The
modules.namedExport option is true by default if you enable the esModule option
Migration guide:
Before:
import style from "./style.css";
</tr></table>
... (truncated)
Commits
Maintainer changes
This version was pushed to npm by evilebottnawi, a new releaser for css-loader since your current version.
Install script changes
This version adds prepare script that runs during installation. Review the package contents before updating.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase will rebase this PR@dependabot recreate will recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the Security Alerts page.
Bumps postcss to 8.5.15 and updates ancestor dependency css-loader. These dependencies need to be updated together.
Updates
postcssfrom 6.0.23 to 8.5.15Release notes
Sourced from postcss's releases.
... (truncated)
Changelog
Sourced from postcss's changelog.
... (truncated)
Commits
eae46dbRelease 8.5.15 version79508ffUpdate CI actionsb128e21Speed up declaration parsing by avoiding creating new array on each token9825dcaFix code format55789c8Update dependencies84fbbe9Install older pnpm action for old Node.js9f860bdRevert pnpm action for old Node.js0877198Update CI actionsb2d1a33Fix linter warnings0700dacMerge pull request #2088 from rootvector2/add-oss-fuzz-harnessUpdates
css-loaderfrom 0.28.11 to 7.1.4Release notes
Sourced from css-loader's releases.
... (truncated)
Changelog
Sourced from css-loader's changelog.
... (truncated)
Commits
5b795afchore(release): 7.1.4aeddefefix: update peer dependency for@rspack/corev2 (#1652)b2b2de7chore(release): 7.1.301869bcfix: allow to usemoduleclass name (#1649)7dd15ecchore(deps): bump js-yaml (#1648)db26202chore(deps-dev): bump lodash from 4.17.21 to 4.17.23 (#1647)7daf1b8Update CONTRIBUTING link to point to GitHub pagede1e633chore: correct link path (#1645)563ad63chore: migrate from contrib and swap branches (#1644)e68bf7echore: update github actions/checkout from v4 to v5 (#1642)Maintainer changes
This version was pushed to npm by evilebottnawi, a new releaser for css-loader since your current version.
Install script changes
This version adds
preparescript that runs during installation. Review the package contents before updating.Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)You can disable automated security fix PRs for this repo from the Security Alerts page.