Bump the npm_and_yarn group across 4 directories with 34 updates

[dependabot]

Bumps the npm_and_yarn group with 17 updates in the /docs directory:

Package	From	To
graphiql	1.11.5	3.7.1
graphql	15.8.0	16.9.0
@babel/traverse	7.20.5	7.25.4
@sideway/formula	3.0.0	3.0.1
braces	3.0.2	3.0.3
codemirror	5.65.10	5.65.17
express	4.18.2	4.19.2
follow-redirects	1.15.2	1.15.6
http-cache-semantics	4.1.0	4.1.1
json5	2.2.1	2.2.3
micromatch	4.0.5	4.0.8
postcss	8.4.20	8.4.41
semver	5.7.1	5.7.2
tar	6.1.13	6.2.1
webpack-dev-middleware	5.3.3	5.3.4
webpack	5.75.0	5.94.0
ws	7.5.9	7.5.10

Bumps the npm_and_yarn group with 24 updates in the /frontend directory:

Package	From	To
graphiql	1.0.0-alpha.0	1.4.7
graphql	14.5.8	14.6.0
axios	1.7.4	1.7.5
codemirror	5.51.0	5.58.2
express	4.18.2	4.19.2
follow-redirects	1.15.2	1.15.6
postcss	8.4.19	8.4.31
semver	5.5.1	5.7.2
ua-parser-js	0.7.35	0.7.38
webpack-dev-middleware	5.3.3	5.3.4
webpack	5.87.0	5.94.0
@types/webpack	4.41.7	5.28.5
ws	5.2.3	5.2.4
highlight.js	9.15.8	10.4.1
jsonwebtoken	8.5.1	9.0.0
@adobe/css-tools	4.2.0	4.4.0
browserify-sign	4.2.1	4.2.3
ejs	3.1.9	3.1.10
elliptic	6.5.4	6.5.7
es5-ext	0.10.62	0.10.64
jose	4.14.4	4.15.9
socket.io-parser	3.3.3	3.3.4
undici	5.22.1	5.28.4
word-wrap	1.2.3	1.2.5

Bumps the npm_and_yarn group with 1 update in the /server/tests-py directory: node-fetch.
Bumps the npm_and_yarn group with 2 updates in the /server/tests-py/remote_schemas/nodejs directory: graphql and @apollo/gateway.

Updates graphiql from 1.11.5 to 3.7.1

Release notes

Sourced from graphiql's releases.

graphiql@3.7.1

Patch Changes

• #3751 b8538d8 Thanks @​dimaMachina! - replace deprecated navigator.platform with navigator.userAgent

  fix placeholder ⌘ K in doc explorer search input for non mac devices, replace by Ctrl K

• Updated dependencies [b8538d8]:

  • @​graphiql/react@​0.26.2

@​graphiql/plugin-explorer@​3.2.2

Patch Changes

• Updated dependencies [959ed21, 9aef83a]:
  • @​graphiql/react@​0.26.0

graphiql@3.7.0

Minor Changes

• #3619 9aef83a Thanks @​Yahkob! - add new prop defaultTheme to set the default color preference theme

Patch Changes

• #3441 959ed21 Thanks @​cimdalli! - fix: set query editor to defaultQuery while adding a new tab or GraphiQL's default query

  # Welcome to GraphiQL
  #
  # GraphiQL is an in-browser tool for writing, validating, and
  # testing GraphQL queries.
  ...

• Updated dependencies [959ed21, 9aef83a]:

  • @​graphiql/react@​0.26.0

@​graphiql/plugin-code-exporter@​3.1.2

Patch Changes

• Updated dependencies [959ed21, 9aef83a]:
  • @​graphiql/react@​0.26.0

@​graphiql/plugin-explorer@​3.2.1

Patch Changes

• Updated dependencies [7404e8e]:
  • @​graphiql/react@​0.25.0

@​graphiql/plugin-code-exporter@​3.1.1

... (truncated)

Changelog

Sourced from graphiql's changelog.

3.7.1

Patch Changes

• #3751 b8538d8 Thanks @​dimaMachina! - replace deprecated navigator.platform with navigator.userAgent

  fix placeholder ⌘ K in doc explorer search input for non mac devices, replace by Ctrl K

• Updated dependencies [b8538d8]:

  • @​graphiql/react@​0.26.2

3.7.0

Minor Changes

• #3619 9aef83a Thanks @​Yahkob! - add new prop defaultTheme to set the default color preference theme

Patch Changes

• #3441 959ed21 Thanks @​cimdalli! - fix: set query editor to defaultQuery while adding a new tab or GraphiQL's default query

  # Welcome to GraphiQL
  #
  # GraphiQL is an in-browser tool for writing, validating, and
  # testing GraphQL queries.
  ...

• Updated dependencies [959ed21, 9aef83a]:

  • @​graphiql/react@​0.26.0

3.6.0

Minor Changes

• #3563 4fb231f Thanks @​klippx! - Add new prop confirmCloseTab to allow control of closing tabs

• #3532 7404e8e Thanks @​Cr4xy! - Add webp support to graphiql results image-preview

Patch Changes

• Updated dependencies [7404e8e]:
  • @​graphiql/react@​0.25.0

3.5.0

Minor Changes

... (truncated)

Commits

• a929862 Version Packages (#3752)
• b8538d8 [graphiql] fix placeholder ⌘ K in doc explorer search input for non mac dev...
• 1a561b3 Version Packages (#3745)
• 2ad4e75 migrate @graphiql/toolkit to tsup (#3746)
• 26cd829 Version Packages (#3731)
• 640b44f fix skipped test of prettify.cy.ts (#3734)
• 9aef83a add defaultTheme prop to specify default theme if no previous value stored (#...
• 959ed21 fix: use the default query on adding a new tab (#3441)
• 40bbd61 Version Packages (#3724)
• 4fb231f Allow GraphiQL apps control over closing tabs (#3563)
• Additional commits viewable in compare view

Updates graphql from 15.8.0 to 16.9.0

Release notes

Sourced from graphql's releases.

v16.9.0 (2024-06-21)

New Feature 🚀

• #4119 backport[v16]: Introduce "recommended" validation rules (@​benjie)
• #4122 backport[v16]: Enable passing values configuration to GraphQLEnumType as a thunk (@​benjie)
• #4124 backport[v16]: Implement OneOf Input Objects via @oneOf directive (@​benjie)

Committers: 1

• Benjie(@​benjie)

v16.8.2 (2024-06-12)

Bug Fix 🐞

• #4022 fix: remove globalThis check and align with what bundlers can accept (@​JoviDeCroock)

Internal 🏠

• #4104 Fix publish scripts (@​benjie)

Committers: 2

• Benjie(@​benjie)
• Jovi De Croock(@​JoviDeCroock)

v16.8.1 (2023-09-19)

Bug Fix 🐞

• #3967 OverlappingFieldsCanBeMergedRule: Fix performance degradation (@​AaronMoat)

Committers: 1

• Aaron Moat(@​AaronMoat)

v16.8.0 (2023-08-14)

New Feature 🚀

• #3950 Support fourfold nested lists (@​gschulze)

Committers: 1

• Gunnar Schulze(@​gschulze)

v16.7.1 (2023-06-22)

📢 Big shout out to @​phryneas, who managed to reproduce this issue and come up with this fix.

Bug Fix 🐞

• #3923 instanceOf: workaround bundler issue with process.env (@​IvanGoncharov)

Committers: 1

• Ivan Goncharov(@​IvanGoncharov)

... (truncated)

Commits

• 556a01e 16.9.0
• 6a1614c backport[v16]: Enable passing values configuration to GraphQLEnumType as a th...
• 29144f7 backport[v16]: Implement OneOf Input Objects via @oneOf directive (#4124)
• c35130e Revert error extension symbol (#4123)
• 29c1bff feat: allow defining symbol error extensions (#3730)
• c985c27 backport[v16]: Introduce "recommended" validation rules (#4119)
• 08779a0 16.8.2
• c82609e Fix publish scripts (#4104)
• 0d12b06 fix: remove globalThis check and align with what bundlers can accept (#4022)
• 8a95335 16.8.1
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by benjie, a new releaser for graphql since your current version.

Updates @babel/traverse from 7.20.5 to 7.25.4

Release notes

Sourced from @​babel/traverse's releases.

v7.25.4 (2024-08-22)

🐛 Bug Fix

• babel-traverse
  • #16756 fix: Skip computed key when renaming (@​liuxingbaoyu)
• babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators
  • #16755 fix: Decorator 2018-09 may throw an exception (@​liuxingbaoyu)
• babel-types
  • #16710 Visit AST fields nodes according to their syntactical order (@​nicolo-ribaudo)
• babel-generator
  • #16709 Print semicolon after TS export namespace as A (@​nicolo-ribaudo)

💅 Polish

• babel-generator, babel-plugin-proposal-decorators, babel-plugin-proposal-destructuring-private, babel-plugin-proposal-pipeline-operator, babel-plugin-transform-class-properties, babel-plugin-transform-destructuring, babel-plugin-transform-optional-chaining, babel-plugin-transform-private-methods, babel-plugin-transform-private-property-in-object, babel-plugin-transform-typescript, babel-runtime-corejs2, babel-runtime, babel-traverse
  • #16722 Avoid unnecessary parens around sequence expressions (@​nicolo-ribaudo)
• babel-generator, babel-plugin-transform-class-properties
  • #16714 Avoid unnecessary parens around exported arrow functions (@​nicolo-ribaudo)
• babel-generator, babel-plugin-proposal-decorators, babel-plugin-proposal-destructuring-private, babel-plugin-transform-object-rest-spread
  • #16712 Avoid printing unnecessary parens around object destructuring (@​nicolo-ribaudo)

🔬 Output optimization

• babel-generator
  • #16740 Avoid extra spaces between comments/regexps in compact mode (@​nicolo-ribaudo)

Committers: 4

• Babel Bot (@​babel-bot)
• Huáng Jùnliàng (@​JLHwung)
• Nicolò Ribaudo (@​nicolo-ribaudo)
• @​liuxingbaoyu

v7.25.3 (2024-07-31)

🐛 Bug Fix

• babel-plugin-bugfix-firefox-class-in-computed-class-key, babel-traverse
  • #16699 Avoid validating visitors produced by traverse.visitors.merge (@​nicolo-ribaudo)

🏠 Internal

• babel-parser
  • #16688 Add @babel/types as a dependency of @babel/parser (@​nicolo-ribaudo)

Committers: 2

• Huáng Jùnliàng (@​JLHwung)
• Nicolò Ribaudo (@​nicolo-ribaudo)

v7.25.2 (2024-07-30)

🐛 Bug Fix

• babel-core, babel-traverse
  • #16695 Ensure that requeueComputedKeyAndDecorators is available (@​nicolo-ribaudo)

... (truncated)

Changelog

Sourced from @​babel/traverse's changelog.

v7.25.4 (2024-08-22)

🐛 Bug Fix

• babel-traverse
  • #16756 fix: Skip computed key when renaming (@​liuxingbaoyu)
• babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators
  • #16755 fix: Decorator 2018-09 may throw an exception (@​liuxingbaoyu)
• babel-types
  • #16710 Visit AST fields nodes according to their syntactical order (@​nicolo-ribaudo)
• babel-generator
  • #16709 Print semicolon after TS export namespace as A (@​nicolo-ribaudo)

💅 Polish

• babel-generator, babel-plugin-proposal-decorators, babel-plugin-proposal-destructuring-private, babel-plugin-proposal-pipeline-operator, babel-plugin-transform-class-properties, babel-plugin-transform-destructuring, babel-plugin-transform-optional-chaining, babel-plugin-transform-private-methods, babel-plugin-transform-private-property-in-object, babel-plugin-transform-typescript, babel-runtime-corejs2, babel-runtime, babel-traverse
  • #16722 Avoid unnecessary parens around sequence expressions (@​nicolo-ribaudo)
• babel-generator, babel-plugin-transform-class-properties
  • #16714 Avoid unnecessary parens around exported arrow functions (@​nicolo-ribaudo)
• babel-generator, babel-plugin-proposal-decorators, babel-plugin-proposal-destructuring-private, babel-plugin-transform-object-rest-spread
  • #16712 Avoid printing unnecessary parens around object destructuring (@​nicolo-ribaudo)

🔬 Output optimization

• babel-generator
  • #16740 Avoid extra spaces between comments/regexps in compact mode (@​nicolo-ribaudo)

v7.25.3 (2024-07-31)

🐛 Bug Fix

• babel-plugin-bugfix-firefox-class-in-computed-class-key, babel-traverse
  • #16699 Avoid validating visitors produced by traverse.visitors.merge (@​nicolo-ribaudo)

🏠 Internal

• babel-parser
  • #16688 Add @babel/types as a dependency of @babel/parser (@​nicolo-ribaudo)

v7.25.2 (2024-07-30)

🐛 Bug Fix

• babel-core, babel-traverse
  • #16695 Ensure that requeueComputedKeyAndDecorators is available (@​nicolo-ribaudo)

v7.25.1 (2024-07-28)

🐛 Bug Fix

• babel-plugin-transform-function-name
  • #16683 fix: ensureFunctionName may be undefined (@​liuxingbaoyu)
• babel-plugin-transform-react-constant-elements
  • #16582 fix plugin-transform-react-constant-elements transform JSXFrament but not add JSXExpressionContainer (@​keiseiTi)
• babel-traverse
  • #16587 fix: fixed issue16583 + test (@​nerodesu017)

🏠 Internal

• #16663 Test eslint plugin against eslint 9 (@​JLHwung)

v7.25.0 (2024-07-26)

... (truncated)

Commits

• cbf124c v7.25.4
• 2b289fb fix: skip computed key when renaming (#16756)
• 575863c Avoid unnecessary parens around sequence expressions (#16722)
• 5174ad1 Clean all always enabled parser plugins (#16572)
• 52718ab Discontinue babel-eslint-config-internal (#16718)
• dba45d3 Ignore devDependencies when generating tsconfig.json (#16659)
• 787c7cd v7.25.3
• 992c6e0 Avoid validating visitors produced by traverse.visitors.merge (#16699)
• 44efb5f print @​babel/traverse version on unknown AST types (#16701)
• 0f8f408 v7.25.2
• Additional commits viewable in compare view

Updates @sideway/formula from 3.0.0 to 3.0.1

Commits

• 5b44c1b 3.0.1
• 9fbc20a chore: better number regex
• 41ae98e Cleanup
• c59f35e Move to Sideway
• See full diff in compare view

Maintainer changes

This version was pushed to npm by marsup, a new releaser for @​sideway/formula since your current version.

Updates braces from 3.0.2 to 3.0.3

Commits

• 74b2db2 3.0.3
• 88f1429 update eslint. lint, fix unit tests.
• 415d660 Snyk js braces 6838727 (#40)
• 190510f fix tests, skip 1 test in test/braces.expand
• 716eb9f readme bump
• a5851e5 Merge pull request #37 from coderaiser/fix/vulnerability
• 2092bd1 feature: braces: add maxSymbols (https://github.com/micromatch/braces/issues/...
• 9f5b4cf fix: vulnerability (https://security.snyk.io/vuln/SNYK-JS-BRACES-6838727)
• 98414f9 remove funding file
• 665ab5d update keepEscaping doc (#27)
• Additional commits viewable in compare view

Updates codemirror from 5.65.10 to 5.65.17

Commits

• See full diff in compare view

Updates express from 4.18.2 to 4.19.2

Release notes

Sourced from express's releases.

4.19.2

What's Changed

• Improved fix for open redirect allow list bypass

Full Changelog: expressjs/express@4.19.1...4.19.2

4.19.1

What's Changed

• Fix ci after location patch by @​wesleytodd in expressjs/express#5552
• fixed un-edited version in history.md for 4.19.0 by @​wesleytodd in expressjs/express#5556

Full Changelog: expressjs/express@4.19.0...4.19.1

4.19.0

What's Changed

• fix typo in release date by @​UlisesGascon in expressjs/express#5527
• docs: nominating @​wesleytodd to be project captian by @​wesleytodd in expressjs/express#5511
• docs: loosen TC activity rules by @​wesleytodd in expressjs/express#5510
• Add note on how to update docs for new release by @​crandmck in expressjs/express#5541
• Prevent open redirect allow list bypass due to encodeurl
• Release 4.19.0 by @​wesleytodd in expressjs/express#5551

New Contributors

• @​crandmck made their first contribution in expressjs/express#5541

Full Changelog: expressjs/express@4.18.3...4.19.0

4.18.3

Main Changes

• Fix routing requests without method
• deps: body-parser@1.20.2
  • Fix strict json error message on Node.js 19+
  • deps: content-type@~1.0.5
  • deps: raw-body@2.5.2

Other Changes

• Use https: protocol instead of deprecated git: protocol by @​vcsjones in expressjs/express#5032
• build: Node.js@16.18 and Node.js@18.12 by @​abenhamdine in expressjs/express#5034
• ci: update actions/checkout to v3 by @​armujahid in expressjs/express#5027
• test: remove unused function arguments in params by @​raksbisht in expressjs/express#5124
• Remove unused originalIndex from acceptParams by @​raksbisht in expressjs/express#5119
• Fixed typos by @​raksbisht in expressjs/express#5117
• examples: remove unused params by @​raksbisht in expressjs/express#5113
• fix: parameter str is not described in JSDoc by @​raksbisht in expressjs/express#5130
• fix: typos in History.md by @​raksbisht in expressjs/express#5131
• build : add Node.js@19.7 by @​abenhamdine in expressjs/express#5028
• test: remove unused function arguments in params by @​raksbisht in expressjs/express#5137

... (truncated)

Changelog

Sourced from express's changelog.

4.19.2 / 2024-03-25

• Improved fix for open redirect allow list bypass

4.19.1 / 2024-03-20

• Allow passing non-strings to res.location with new encoding handling checks

4.19.0 / 2024-03-20

• Prevent open redirect allow list bypass due to encodeurl
• deps: cookie@0.6.0

4.18.3 / 2024-02-29

• Fix routing requests without method
• deps: body-parser@1.20.2
  • Fix strict json error message on Node.js 19+
  • deps: content-type@~1.0.5
  • deps: raw-body@2.5.2
• deps: cookie@0.6.0
  • Add partitioned option

Commits

• 04bc627 4.19.2
• da4d763 Improved fix for open redirect allow list bypass
• 4f0f6cc 4.19.1
• a003cfa Allow passing non-strings to res.location with new encoding handling checks f...
• a1fa90f fixed un-edited version in history.md for 4.19.0
• 11f2b1d build: fix build due to inconsistent supertest behavior in older versions
• 084e365 4.19.0
• 0867302 Prevent open redirect allow list bypass due to encodeurl
• 567c9c6 Add note on how to update docs for new release (#5541)
• 69a4cf2 deps: cookie@0.6.0
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by wesleytodd, a new releaser for express since your current version.

Updates follow-redirects from 1.15.2 to 1.15.6

Commits

• 35a517c Release version 1.15.6 of the npm package.
• c4f847f Drop Proxy-Authorization across hosts.
• 8526b4a Use GitHub for disclosure.
• b1677ce Release version 1.15.5 of the npm package.
• d8914f7 Preserve fragment in responseUrl.
• 6585820 Release version 1.15.4 of the npm package.
• 7a6567e Disallow bracketed hostnames.
• 05629af Prefer native URL instead of deprecated url.parse.
• 1cba8e8 Prefer native URL instead of legacy url.resolve.
• 72bc2a4 Simplify _processResponse error handling.
• Additional commits viewable in compare view

Updates http-cache-semantics from 4.1.0 to 4.1.1

Commits

• 2449650 Update mocha
• 560b2d8 Don't use regex to trim whitespace
• b1bdb92 Remove linting package zoo
• c20dc7e Cache 308
• See full diff in compare view

Updates json5 from 2.2.1 to 2.2.3

Release notes

Sourced from json5's releases.

v2.2.3

• Fix: json5@2.2.3 is now the 'latest' release according to npm instead of v1.0.2. (#299)

v2.2.2

• Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

Changelog

Sourced from json5's changelog.

v2.2.3 [code, diff]

• Fix: json5@2.2.3 is now the 'latest' release according to npm instead of v1.0.2. (#299)

v2.2.2 [code, diff]

• Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

Commits

• c3a7524 2.2.3
• 94fd06d docs: update CHANGELOG for v2.2.3
• 3b8cebf docs(security): use GitHub security advisories
• f0fd9e1 docs: publish a security policy
• 6a91a05 docs(template): bug -> bug report
• 14f8cb1 2.2.2
• 10cc7ca docs: update CHANGELOG for v2.2.2
• 7774c10 fix: add proto to objects and arrays
• edde30a Readme: slight tweak to intro
• 97286f8 Improve example in readme
• Additional commits viewable in compare view

Updates markdown-it from 12.3.2 to 14.1.0

Changelog

Sourced from markdown-it's changelog.

[14.1.0] - 2024-03-19

Changed

• Updated CM spec compatibility to 0.31.2, #1009.

Fixed

• Fixed quadratic complexity when parsing references, #996.
• Fixed quadratic output size with pathological user input in tables, #1000.

[14.0.0] - 2023-12-08

Changed

• Drop ancient browsers support (use .fromCodePoint and other features).
• Rewrite to ESM (including all plugins/deps). CJS fallback still available. No signatures changed, except markdown-it-emoji plugin.
• Dropped dist/ folder from repo, build on package publish.
• Set punicode.js as external dependency.

Fixed

• Html tokens inside img alt are now rendered as their original text, #896.
• Hardbreaks inside img alt are now rendered as newlines.

[13.0.2] - 2023-09-26

Security

• Fixed crash/infinite loop caused by linkify inline rule, #957.

Fixed

• Throw an error if 3rd party plugin doesn't increment line or pos counters (previously, markdown-it would likely go into infinite loop instead), #847.

[13.0.1] - 2022-05-03

Fixed

• Bumped linkify-it to 4.0.1. That should fix some hangs, caused by wrong data, returned from linkify-it.

[13.0.0] - 2022-04-22

Added

• Added a new token type text_special to store escaped characters, same as text but unaffected by replacement plugins (smartquotes, typographer, linkifier, etc.).
• Added a new rule text_join in core ruler. Text replacement plugins may choose to insert themselves before it.

Changed

• (p) is no longer replaced with § by typographer (conflicts with ℗), #763.
• text_collapse rule is renamed to fragments_join.

Fixed

• Smartquotes, typographic replacements and plain text links can now be escaped

... (truncated)

Commits

• 0fe7ccb 14.1.0 released
• a367c44 Fix typo in comments of text.mjs (#1015)
• 7ad8179 add changelog
• 5e90063 simplify logic in scanDelims
• d7ce5ec Merge pull request #1009 from notriddle/spec-0.31.2
• 0bfc57d Update spec to 0.31.2
• cd24778 Update to comply with spec 0.31.2
• eaef476 Fix typo in architecture.md (#994)
• de814ca fix quadratic complexity in reference parser (#1004)
• 00b8a93 limit the number of autocompleted cells in a table
• Additional commits viewable in compare view

Updates micromatch from 4.0.5 to 4.0.8

Release notes

Sourced from micromatch's releases.

4.0.8

Ultimate release that fixes both CVE-2024-4067 and CVE-2024-4068. We consider the issues low-priority, so even if you see automated scanners saying otherwise, don't be scared.

Changelog

Sourced from micromatch's changelog.

[4.0.8] - 2024-08-22

• backported CVE-2024-4067 fix (from v4.0.6) over to 4.x branch

[4.0.7] - 2024-05-22

• this is basically v4.0.5, with some README updates
• it is vulnerable to CVE-2024-4067
• Updated braces to v3.0.3 to avoid CVE-2024-4068
• does NOT break API compatibility

[4.0.6] - 2024-05-21

• Added hasBraces to check if a pattern contains braces.
• Fixes CVE-2024-4067
• BREAKS API COMPATIBILITY
• Should be labeled as a major release, but it's not.

Commits

• 8bd704e 4.0.8
• a0e6841 run verb to generate README documentation
• 4ec2884 Merge branch 'v4' into hauserkristof-feature/v4.0.8
• 03aa805 Merge pull request #266 from hauserkristof/feature/v4.0.8
• 814f5f7 lint
• 67fcce6 fix: CHANGELOG about braces & CVE-2024-4068, v4.0.5
• 113f2e3 fix: CVE numbers in CHANGELOG
• d9dbd9a feat: updated CHANGELOG
• 2ab1315 fix: use actions/setup-node@v4
• 1406ea3 feat: rework test to work on macos with node 10,12 and 14
• Additional commits viewable in compare view

Updates postcss from 8.4.20 to 8.4.41

Release notes

Sourced from postcss's releases.

8.4.41

• Fixed types (by @​nex3 and @​querkmachine).
• Cleaned up RegExps (by @​bluwy).

8.4.40

• Moved to getter/setter in nodes types to help Sass team (by @​nex3).

8.4.39

• Fixed CssSyntaxError types (by @​romainmenke).

8.4.38

• Fixed endIndex: 0 in errors and warnings (by @​romainmenke).

8.4.37

• Fixed original.column are not numbers error in another case.

8.4.36

• Fixed original.column are not numbers error on broken previous source map.

8.4.35

• Avoid ! in node.parent.nodes type.
• Allow to pass undefined to node adding method to simplify types.

8.4.34

• Fixed AtRule#nodes type (by @​tim-we).
• Cleaned up code (by @​DrKiraDmitry).

8.4.33

• Fixed NoWorkResult behavior difference with normal mode (by @​romainmenke).
• Fixed NoWorkResult usage conditions (by @​ahmdammarr).

8.4.32

• Fixed postcss().process() types (by @​ferreira-tb).

8.4.31

• Fixed \r parsing to fix CVE-2023-44270.

8.4.30

• Improved source map performance (by @​romainmenke).

8.4.29

• Fixed Node#source.offset (by @​idoros).
• Fixed docs (by @​coliff).

8.4.28

• Fixed Root.source.end for better source map (by @​romainmenke).
• Fixed Result.root types when process() has no parser.

8.4.27

• Fixed Container clone methods types.

... (truncated)

Changelog

Sourced from postcss's changelog.

8.4.41

• Fixed types (by @​nex3 and @​querkmachine).
• Cleaned up RegExps (by @​bluwy).

8.4.40

• Moved to getter/setter in nodes types to help Sass team (by @​nex3).

8.4.39

• Fixed CssSyntaxError types (by @​romainmenke).

8.4.38

• Fixed endIndex: 0 in errors and warnings (by @​romainmenke).

8.4.37

• Fixed original.column are not numbers error in another case.

8.4.36

• Fixed original.column are not numbers error on broken previous source map.

8.4.35

• Avoid ! in node.parent.nodes type.
• Allow to pass undefined to node adding method to simplify types.

8.4.34

• Fixed AtRule#nodes type (by Tim Weißenfels).
• Cleaned up code (by Dmitry Kirillov).

8.4.33

• Fixed NoWorkResult behavior difference with normal mode (by Romain Menke).
• Fixed NoWorkResult usage conditions (by @​ahmdammarr).

8.4.32

• Fixed postcss().process(...

  Description has been truncated

[changeset-bot]

⚠️ No Changeset found

Latest commit: c26cb5e

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR