Skip to content

chore(deps): bump the npm_and_yarn group across 1 directory with 2 updates#157

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/npm_and_yarn-fe0294b1b3
Open

chore(deps): bump the npm_and_yarn group across 1 directory with 2 updates#157
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/npm_and_yarn-fe0294b1b3

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github May 23, 2026

Copy link
Copy Markdown
Contributor

Bumps the npm_and_yarn group with 1 update in the / directory: postcss.

Updates postcss from 8.5.6 to 8.5.15

Release notes

Sourced from postcss's releases.

8.5.15

  • Fixed declaration parsing performance (by @​homanp).

8.5.14

8.5.13

  • Fixed postcss-scss commend regression.

8.5.12

  • Fixed reading any file via user-generated CSS.
  • Added opts.unsafeMap to disable checks.

8.5.11

  • Fixed nested brackets parsing performance (by @​offset).

8.5.10

  • Fixed XSS via unescaped </style> in non-bundler cases (by @​TharVid).

8.5.9

  • Speed up source map encoding paring in case of the error.

8.5.8

  • Fixed Processor#version.

8.5.7

  • Improved source map annotation cleaning performance (by CodeAnt AI).
Changelog

Sourced from postcss's changelog.

8.5.15

  • Fixed declaration parsing performance (by @​homanp).

8.5.14

8.5.13

  • Fixed postcss-scss commend regression.

8.5.12

  • Fixed reading any file via user-generated CSS.
  • Added opts.unsafeMap to disable checks.

8.5.11

  • Fixed nested brackets parsing performance (by @​offset).

8.5.10

  • Fixed XSS via unescaped </style> in non-bundler cases (by @​TharVid).

8.5.9

  • Speed up source map encoding paring in case of the error.

8.5.8

  • Fixed Processor#version.

8.5.7

  • Improved source map annotation cleaning performance (by CodeAnt AI).
Commits
  • eae46db Release 8.5.15 version
  • 79508ff Update CI actions
  • b128e21 Speed up declaration parsing by avoiding creating new array on each token
  • 9825dca Fix code format
  • 55789c8 Update dependencies
  • 84fbbe9 Install older pnpm action for old Node.js
  • 9f860bd Revert pnpm action for old Node.js
  • 0877198 Update CI actions
  • b2d1a33 Fix linter warnings
  • 0700dac Merge pull request #2088 from rootvector2/add-oss-fuzz-harness
  • Additional commits viewable in compare view

Updates rollup from 4.57.1 to 4.62.0

Release notes

Sourced from rollup's releases.

v4.62.0

4.62.0

2026-06-13

Features

  • Ensure that shared dependencies between manual chunks and entry points receive a serparate chunk (#6374)

Pull Requests

v4.61.1

4.61.1

2026-06-04

Bug Fixes

  • Avoid extraneous newlines when adding headers via plugins (#6403)
  • Fix a rare issue where starting Rollup would hang on Windows (#6404)

Pull Requests

v4.61.0

4.61.0

2026-06-01

Features

  • Sort entry modules to make chunk hashes deterministic (#6391)

Pull Requests

... (truncated)

Changelog

Sourced from rollup's changelog.

4.62.0

2026-06-13

Features

  • Ensure that shared dependencies between manual chunks and entry points receive a serparate chunk (#6374)

Pull Requests

4.61.1

2026-06-04

Bug Fixes

  • Avoid extraneous newlines when adding headers via plugins (#6403)
  • Fix a rare issue where starting Rollup would hang on Windows (#6404)

Pull Requests

4.61.0

2026-06-01

Features

  • Sort entry modules to make chunk hashes deterministic (#6391)

Pull Requests

... (truncated)

Commits
  • 5e0066d 4.62.0
  • 93e85fc chore(deps): update dependency eslint-plugin-unicorn to v65 (#6413)
  • 5c9ef2e fix(deps): update minor/patch updates (#6412)
  • 18654d8 chore(deps): lock file maintenance minor/patch updates (#6414)
  • d96ed95 Extract the static dependencies imported by manual chunks into separate chunk...
  • 126e141 chore(deps): pin dependency concurrently to v9 (#6406)
  • f2f58c4 chore(deps): lock file maintenance minor/patch updates (#6410)
  • 5a15062 chore(deps): update minor/patch updates to v6.2.0 (#6409)
  • d02f03a chore(deps): lock file maintenance minor/patch updates (#6407)
  • 844671c fix(deps): update minor/patch updates (#6405)
  • Additional commits viewable in compare view

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels May 23, 2026
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/npm_and_yarn-fe0294b1b3 branch from f6b9939 to ddf7620 Compare May 28, 2026 12:34
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/npm_and_yarn-fe0294b1b3 branch 4 times, most recently from 6568313 to a48a032 Compare June 18, 2026 16:19
…dates

Bumps the npm_and_yarn group with 1 update in the / directory: [postcss](https://github.com/postcss/postcss).


Updates `postcss` from 8.5.6 to 8.5.15
- [Release notes](https://github.com/postcss/postcss/releases)
- [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md)
- [Commits](postcss/postcss@8.5.6...8.5.15)

Updates `rollup` from 4.57.1 to 4.62.0
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](rollup/rollup@v4.57.1...v4.62.0)

---
updated-dependencies:
- dependency-name: postcss
  dependency-version: 8.5.15
  dependency-type: indirect
- dependency-name: rollup
  dependency-version: 4.60.4
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/npm_and_yarn-fe0294b1b3 branch from a48a032 to cd9e606 Compare June 18, 2026 18:19
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants