Skip to content

fix(deps): bump postcss from 8.5.8 to 8.5.13#749

Merged
mergify[bot] merged 1 commit into
mainfrom
dependabot/npm_and_yarn/postcss-8.5.13
May 1, 2026
Merged

fix(deps): bump postcss from 8.5.8 to 8.5.13#749
mergify[bot] merged 1 commit into
mainfrom
dependabot/npm_and_yarn/postcss-8.5.13

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 1, 2026
edited
Loading

Bumps postcss from 8.5.8 to 8.5.13.

Release notes

Sourced from postcss's releases.

8.5.13

  • Fixed postcss-scss commend regression.

8.5.12

  • Fixed reading any file via user-generated CSS.
  • Added opts.unsafeMap to disable checks.

8.5.11

  • Fixed nested brackets parsing performance (by @​offset).

8.5.10

  • Fixed XSS via unescaped </style> in non-bundler cases (by @​TharVid).

8.5.9

  • Speed up source map encoding paring in case of the error.
Changelog

Sourced from postcss's changelog.

8.5.13

  • Fixed postcss-scss commend regression.

8.5.12

  • Fixed reading any file via user-generated CSS.
  • Added opts.unsafeMap to disable checks.

8.5.11

  • Fixed nested brackets parsing performance (by @​offset).

8.5.10

  • Fixed XSS via unescaped </style> in non-bundler cases (by @​TharVid).

8.5.9

  • Speed up source map encoding paring in case of the error.
Commits

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels May 1, 2026
mergify[bot]
mergify Bot approved these changes May 1, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@mergify mergify Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Automatically approving dependabot

@dependabot
fix(deps): bump postcss from 8.5.8 to 8.5.13
ef8a5a5 
Bumps [postcss](https://github.com/postcss/postcss) from 8.5.8 to 8.5.13.
- [Release notes](https://github.com/postcss/postcss/releases)
- [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md)
- [Commits](postcss/postcss@8.5.8...8.5.13)

---
updated-dependencies:
- dependency-name: postcss
  dependency-version: 8.5.13
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/postcss-8.5.13 branch from c4246f8 to ef8a5a5 Compare May 1, 2026 00:11
@mergify mergify Bot merged commit e4d6203 into main May 1, 2026
10 checks passed
@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/postcss-8.5.13 branch May 1, 2026 00:14
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mergify mergify[bot] mergify[bot] approved these changes

Assignees

@berviantoleo berviantoleo

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@berviantoleo