Skip to content

Bump postcss, autoprefixer, doiuse and gulp-postcss in /static/scss/foundation#103

Open
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/npm_and_yarn/static/scss/foundation/multi-b96f8c2300
Open

Bump postcss, autoprefixer, doiuse and gulp-postcss in /static/scss/foundation#103
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/npm_and_yarn/static/scss/foundation/multi-b96f8c2300

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github May 30, 2026

Copy link
Copy Markdown

Bumps postcss to 8.5.15 and updates ancestor dependencies postcss, autoprefixer, doiuse and gulp-postcss. These dependencies need to be updated together.

Updates postcss from 5.2.17 to 8.5.15

Release notes

Sourced from postcss's releases.

8.5.15

  • Fixed declaration parsing performance (by @​homanp).

8.5.14

8.5.13

  • Fixed postcss-scss commend regression.

8.5.12

  • Fixed reading any file via user-generated CSS.
  • Added opts.unsafeMap to disable checks.

8.5.11

  • Fixed nested brackets parsing performance (by @​offset).

8.5.10

  • Fixed XSS via unescaped </style> in non-bundler cases (by @​TharVid).

8.5.9

  • Speed up source map encoding paring in case of the error.

8.5.8

  • Fixed Processor#version.

8.5.7

  • Improved source map annotation cleaning performance (by CodeAnt AI).

8.5.6

  • Fixed ContainerWithChildren type discriminating (by @​Goodwine).

8.5.5

  • Fixed package.jsonexports compatibility with some tools (by @​JounQin).

8.5.4

8.5.3

8.5.2

8.5.1

8.5 “Duke Alloces”

... (truncated)

Changelog

Sourced from postcss's changelog.

8.5.15

  • Fixed declaration parsing performance (by @​homanp).

8.5.14

8.5.13

  • Fixed postcss-scss commend regression.

8.5.12

  • Fixed reading any file via user-generated CSS.
  • Added opts.unsafeMap to disable checks.

8.5.11

  • Fixed nested brackets parsing performance (by @​offset).

8.5.10

  • Fixed XSS via unescaped </style> in non-bundler cases (by @​TharVid).

8.5.9

  • Speed up source map encoding paring in case of the error.

8.5.8

  • Fixed Processor#version.

8.5.7

  • Improved source map annotation cleaning performance (by CodeAnt AI).

8.5.6

  • Fixed ContainerWithChildren type discriminating (by @​Goodwine).

8.5.5

  • Fixed package.jsonexports compatibility with some tools (by @​JounQin).

8.5.4

8.5.3

... (truncated)

Commits
  • eae46db Release 8.5.15 version
  • 79508ff Update CI actions
  • b128e21 Speed up declaration parsing by avoiding creating new array on each token
  • 9825dca Fix code format
  • 55789c8 Update dependencies
  • 84fbbe9 Install older pnpm action for old Node.js
  • 9f860bd Revert pnpm action for old Node.js
  • 0877198 Update CI actions
  • b2d1a33 Fix linter warnings
  • 0700dac Merge pull request #2088 from rootvector2/add-oss-fuzz-harness
  • Additional commits viewable in compare view

Updates autoprefixer from 6.7.7 to 10.5.0

Release notes

Sourced from autoprefixer's releases.

10.5.0 “Each Endeavouring, All Achieving”

  • Added mask-position-x and mask-position-y support (by @​toporek).

10.4.27

  • Removed development key from package.json.

10.4.26

  • Reduced package size.

10.4.25

  • Fixed broken gradients on CSS Custom Properties (by @​serger777).

10.4.24

  • Made Autoprefixer a little faster (by @​Cherry).

10.4.23

10.4.22

  • Fixed stretch prefixes on new Can I Use database.
  • Updated fraction.js.

10.4.21

10.4.20

  • Fixed fit-content prefix for Firefox.

10.4.19

  • Removed end value has mixed support, consider using flex-end warning since end/start now have good support.

10.4.18

  • Fixed removing -webkit-box-orient on -webkit-line-clamp (@​Goodwine).

10.4.17

  • Fixed user-select: contain prefixes.

10.4.16

10.4.15

10.4.14

  • Improved startup time and reduced JS bundle size (by @​Knagis).

... (truncated)

Changelog

Sourced from autoprefixer's changelog.

10.5.0 “Each Endeavouring, All Achieving”

  • Added mask-position-x and mask-position-y support (by @​toporek).

10.4.27

  • Removed development key from package.json.

10.4.26

  • Reduced package size.

10.4.25

  • Fixed broken gradients on CSS Custom Properties (by @​serger777).

10.4.24

  • Made Autoprefixer a little faster (by @​Cherry).

10.4.23

10.4.22

  • Fixed stretch prefixes on new Can I Use database.
  • Updated fraction.js.

10.4.21

10.4.20

  • Fixed fit-content prefix for Firefox.

10.4.19

  • Removed end value has mixed support, consider using flex-end warning since end/start now have good support.

10.4.18

  • Fixed removing -webkit-box-orient on -webkit-line-clamp (@​Goodwine).

10.4.17

  • Fixed user-select: contain prefixes.

... (truncated)

Commits

Updates doiuse from 2.6.0 to 6.0.6

Release notes

Sourced from doiuse's releases.

v6.0.6

What's Changed

New Contributors

Full Changelog: anandthakker/doiuse@v6.0.2...v6.0.6

6.0.2

  • fix(cli): actually throw error on failures 2ad9e2b63d86d936fd395d7c4d757b8eff3b661d
  • fix: properly check CSS length units 127502692f5ecd83b75c485379a78f0340da9053
  • perf(utils): only check selector on 'rule' nodes d9c6183c4ab13c19da1f6088bb0286492ca87d5d
  • perf(utils): only check atrule on 'atrule' nodes 08b9c2b448f7d41b058be24fcfc30858b3883fc2

6.0.1

  • fix(DoIUse): support string constructor argument ab7df2f095637fe52d10d65eabe47facd5cd3633
  • typescript: reconfigure for ts 5.x and node v16.x 44359cba909e1c6a6fb605b24ba71732ba3dda94
  • fix(exports/stream): constructor as default export 959d763da9e465fd2dc73e7a36c093156fa47564

6.0.0 (2022-07-03)

  • BREAKING: Drop Node v12 and v14 support
  • Add caniuse features
    • css-conic-gradients
    • css-container-queries-style
    • css-container-query-units
    • css-font-palette
    • css-grid-animation
    • css-matches-pseudo
    • css-math-functions
    • css-media-range-syntax

... (truncated)

Changelog

Sourced from doiuse's changelog.

Changelog

6.0.2 (2023-07-07)

  • fix(cli): actually throw error on failures 2ad9e2b63d86d936fd395d7c4d757b8eff3b661d
  • fix: properly check CSS length units 127502692f5ecd83b75c485379a78f0340da9053
  • perf(utils): only check selector on 'rule' nodes d9c6183c4ab13c19da1f6088bb0286492ca87d5d
  • perf(utils): only check atrule on 'atrule' nodes 08b9c2b448f7d41b058be24fcfc30858b3883fc2

6.0.1 (2023-07-05)

  • fix(DoIUse): support string constructor argument ab7df2f095637fe52d10d65eabe47facd5cd3633
  • typescript: reconfigure for ts 5.x and node v16.x 44359cba909e1c6a6fb605b24ba71732ba3dda94
  • fix(exports/stream): constructor as default export 959d763da9e465fd2dc73e7a36c093156fa47564

6.0.0 (2023-07-03)

  • BREAKING: Drop Node v12 and v14 support
  • Add caniuse features
    • css-conic-gradients
    • css-container-queries-style
    • css-container-query-units
    • css-font-palette
    • css-grid-animation
    • css-matches-pseudo
    • css-math-functions
    • css-media-range-syntax
    • css-motion-paths
    • css-print-color-adjust
    • mdn-css-unicode-bidi-isolate
    • mdn-css-unicode-bidi-isolate-override
    • mdn-css-unicode-bidi-plaintext
    • mdn-text-decoration-color
    • mdn-text-decoration-line
    • mdn-text-decoration-shorthand
    • mdn-text-decoration-style
  • Update dependencies
    • browserlist
    • caniuse-lite
    • postcss
    • source-map
    • yargs
  • Update dev dependencies

5.1.1 (2022-03-12)

  • Fix flexbox typo

5.1.0 (2022-03-12)

  • Add legacy support with main in package.json
  • Use individual files for feature checks
  • Add missing css-grid values

5.0.4 (2022-03-12)

... (truncated)

Commits
  • 6e1f2e0 Revert "chore: update typescript-eslint"
  • 8c8eaaa chore: update typescript-eslint
  • 13d17f4 fix(cli): fix yarg breaking change
  • 8240053 fix(postcss): handle empty PostCSS config so plugin loads when config is empt...
  • b31ae01 chore: bump 6.0.6 and update versions
  • 1306aa8 chore: update dependencies
  • 07e2b6a dev: publish script to node 16
  • 6731fe5 docs: simplify browser range output (#185)
  • f83aac9 dev: Publish after creating release in Github (#125)
  • f8c245d chore: fix package.json main typo
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by shortfuse, a new releaser for doiuse since your current version.

Install script changes

This version adds prepare script that runs during installation. Review the package contents before updating.


Updates gulp-postcss from 7.0.0 to 10.0.0

Release notes

Sourced from gulp-postcss's releases.

10.0.0

Same changes as https://github.com/postcss/gulp-postcss/releases/tag/9.1.0, published with the major version bump because of a breaking change.

9.1.0 (deprecated)

Deprecated, republished as 10.0.0 to follow semver, because of the breaking change to drop support for node <18

  • Bump postcss-load-config to ^5.0.0
  • Ensure options are passed to plugins when using postcss.config.js #170
  • Update deps
  • Drop support for node <18
  • Add flake.nix for local dev with nix develop

9.0.1

  • Bump postcss-load-config to ^3.0.0

9.0.0

  • Bump PostCSS to 8.0
  • Drop Node 6 support
  • PostCSS is now a peer dependency

8.0.0

  • Bump PostCSS to 7.0
  • Drop Node 4 support

7.0.1

  • Drop dependency on gulp-util
Commits
  • 46533ec Bump to 10.0.0
  • 77ed79a Merge pull request #187 from postcss/update-deps
  • 687f29f Bump to 9.1.0
  • c21fca9 Merge pull request #170 from JohnAlbin/pass-options-to-plugins
  • bd9d4c0 Merge pull request #186 from postcss/bump-postcss-load-config
  • 0f15414 Bump postcss-load-config
  • 83dcfcd Merge branch 'main' into pass-options-to-plugins
  • 70dfabe Release 9.0.1
  • 5d3bf7a Merge pull request #176 from postcss/switch-to-github-workflows
  • 22e8c3a Switch to github workflow for testing
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump postcss, autoprefixer, doiuse and gulp-postcss
830f0d7 
Bumps [postcss](https://github.com/postcss/postcss) to 8.5.15 and updates ancestor dependencies [postcss](https://github.com/postcss/postcss), [autoprefixer](https://github.com/postcss/autoprefixer), [doiuse](https://github.com/anandthakker/doiuse) and [gulp-postcss](https://github.com/postcss/gulp-postcss). These dependencies need to be updated together.


Updates `postcss` from 5.2.17 to 8.5.15
- [Release notes](https://github.com/postcss/postcss/releases)
- [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md)
- [Commits](postcss/postcss@5.2.17...8.5.15)

Updates `autoprefixer` from 6.7.7 to 10.5.0
- [Release notes](https://github.com/postcss/autoprefixer/releases)
- [Changelog](https://github.com/postcss/autoprefixer/blob/main/CHANGELOG.md)
- [Commits](postcss/autoprefixer@6.7.7...10.5.0)

Updates `doiuse` from 2.6.0 to 6.0.6
- [Release notes](https://github.com/anandthakker/doiuse/releases)
- [Changelog](https://github.com/anandthakker/doiuse/blob/master/CHANGELOG.md)
- [Commits](anandthakker/doiuse@v2.6.0...v6.0.6)

Updates `gulp-postcss` from 7.0.0 to 10.0.0
- [Release notes](https://github.com/postcss/gulp-postcss/releases)
- [Commits](postcss/gulp-postcss@7.0.0...10.0.0)

---
updated-dependencies:
- dependency-name: postcss
  dependency-version: 8.5.15
  dependency-type: indirect
- dependency-name: autoprefixer
  dependency-version: 10.5.0
  dependency-type: direct:development
- dependency-name: doiuse
  dependency-version: 6.0.6
  dependency-type: direct:development
- dependency-name: gulp-postcss
  dependency-version: 10.0.0
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels May 30, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants