Bump qs, express, @vue/cli-plugin-babel, @vue/cli-plugin-eslint, @vue/cli-service, less and node-sass

[dependabot]

Bumps qs to 6.14.2 and updates ancestor dependencies qs, express, @vue/cli-plugin-babel, @vue/cli-plugin-eslint, @vue/cli-service, less and node-sass. These dependencies need to be updated together.

Updates qs from 6.7.0 to 6.14.2

Changelog

Sourced from qs's changelog.

6.14.2

• [Fix] parse: mark overflow objects for indexed notation exceeding arrayLimit (#546)
• [Fix] arrayLimit means max count, not max index, in combine/merge/parseArrayValue
• [Fix] parse: throw on arrayLimit exceeded with indexed notation when throwOnLimitExceeded is true (#529)
• [Fix] parse: enforce arrayLimit on comma-parsed values
• [Fix] parse: fix error message to reflect arrayLimit as max index; remove extraneous comments (#545)
• [Robustness] avoid .push, use void
• [readme] document that addQueryPrefix does not add ? to empty output (#418)
• [readme] clarify parseArrays and arrayLimit documentation (#543)
• [readme] replace runkit CI badge with shields.io check-runs badge
• [meta] fix changelog typo (arrayLength → arrayLimit)
• [actions] fix rebase workflow permissions

6.14.1

• [Fix] ensure arrayLimit applies to [] notation as well
• [Fix] parse: when a custom decoder returns null for a key, ignore that key
• [Refactor] parse: extract key segment splitting helper
• [meta] add threat model
• [actions] add workflow permissions
• [Tests] stringify: increase coverage
• [Dev Deps] update eslint, @ljharb/eslint-config, npmignore, es-value-fixtures, for-each, object-inspect

6.14.0

• [New] parse: add throwOnParameterLimitExceeded option (#517)
• [Refactor] parse: use utils.combine more
• [patch] parse: add explicit throwOnLimitExceeded default
• [actions] use shared action; re-add finishers
• [meta] Fix changelog formatting bug
• [Deps] update side-channel
• [Dev Deps] update es-value-fixtures, has-bigints, has-proto, has-symbols
• [Tests] increase coverage

6.13.3

[Fix] fix regressions from robustness refactor [actions] update reusable workflows

6.13.2

• [Robustness] avoid .push, use void
• [readme] clarify parseArrays and arrayLimit documentation (#543)
• [readme] document that addQueryPrefix does not add ? to empty output (#418)
• [readme] replace runkit CI badge with shields.io check-runs badge
• [actions] fix rebase workflow permissions

6.13.1

• [Fix] stringify: avoid a crash when a filter key is null
• [Fix] utils.merge: functions should not be stringified into keys
• [Fix] parse: avoid a crash with interpretNumericEntities: true, comma: true, and iso charset
• [Fix] stringify: ensure a non-string filter does not crash
• [Refactor] use __proto__ syntax instead of Object.create for null objects
• [Refactor] misc cleanup

... (truncated)

Commits

• bdcf0c7 v6.14.2
• 294db90 [readme] document that addQueryPrefix does not add ? to empty output
• 5c308e5 [readme] clarify parseArrays and arrayLimit documentation
• 6addf8c [Fix] parse: mark overflow objects for indexed notation exceeding arrayLimit
• cfc108f [Fix] arrayLimit means max count, not max index, in combine/merge/`pars...
• febb644 [Fix] parse: throw on arrayLimit exceeded with indexed notation when `thr...
• f6a7abf [Fix] parse: enforce arrayLimit on comma-parsed values
• fbc5206 [Fix] parse: fix error message to reflect arrayLimit as max index; remove e...
• 1b9a8b4 [actions] fix rebase workflow permissions
• 2a35775 [meta] fix changelog typo (arrayLength → arrayLimit)
• Additional commits viewable in compare view

Install script changes

This version modifies prepublish script that runs during installation. Review the package contents before updating.

Updates express from 4.17.1 to 4.22.1

Release notes

Sourced from express's releases.

v4.22.1

What's Changed

[!IMPORTANT]
The prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.

• Release: 4.22.1 by @​UlisesGascon in expressjs/express#6934

Full Changelog: expressjs/express@4.22.0...v4.22.1

4.22.0

Important: Security

• Security fix for CVE-2024-51999 (GHSA-pj86-cfqh-vqx6)

What's Changed

• Refactor: improve readability by @​sazk07 in expressjs/express#6190
• ci: add support for Node.js@23.0 by @​UlisesGascon in expressjs/express#6080
• Method functions with no path should error by @​wesleytodd in expressjs/express#5957
• ci: updated github actions ci workflow by @​Phillip9587 in expressjs/express#6323
• ci: reorder npm i steps to fix ci for older node versions by @​Phillip9587 in expressjs/express#6336
• Backport: ci: add node.js 24 to test matrix by @​Phillip9587 in expressjs/express#6506
• chore(4.x): wider range for query test skip by @​jonchurch in expressjs/express#6513
• use tilde notation for certain dependencies by @​UlisesGascon in expressjs/express#6905
• deps: qs@6.14.0 by @​UlisesGascon in expressjs/express#6909
• deps: use tilde notation for qs by @​Phillip9587 in expressjs/express#6919
• Release: 4.22.0 by @​UlisesGascon in expressjs/express#6921

Full Changelog: expressjs/express@4.21.2...4.22.0

4.21.2

What's Changed

• Add funding field (v4) by @​bjohansebas in expressjs/express#6065
• deps: path-to-regexp@0.1.11 by @​blakeembrey in expressjs/express#5956
• deps: bump path-to-regexp@0.1.12 by @​jonchurch in expressjs/express#6209
• Release: 4.21.2 by @​UlisesGascon in expressjs/express#6094

Full Changelog: expressjs/express@4.21.1...4.21.2

4.21.1

What's Changed

• Backport a fix for CVE-2024-47764 to the 4.x branch by @​joshbuker in expressjs/express#6029
• Release: 4.21.1 by @​UlisesGascon in expressjs/express#6031

Full Changelog: expressjs/express@4.21.0...4.21.1

... (truncated)

Changelog

Sourced from express's changelog.

4.22.1 / 2025-12-01

• Revert security fix for CVE-2024-51999 (GHSA-pj86-cfqh-vqx6)

4.22.0 / 2025-12-01

• Security fix for CVE-2024-51999 (GHSA-pj86-cfqh-vqx6)
• deps: use tilde notation for dependencies
• deps: qs@6.14.0

4.21.2 / 2024-11-06

• deps: path-to-regexp@0.1.12
  • Fix backtracking protection
• deps: path-to-regexp@0.1.11
  • Throws an error on invalid path values

4.21.1 / 2024-10-08

• Backported a fix for CVE-2024-47764

4.21.0 / 2024-09-11

• Deprecate res.location("back") and res.redirect("back") magic string
• deps: serve-static@1.16.2
  • includes send@0.19.0
• deps: finalhandler@1.3.1
• deps: qs@6.13.0

4.20.0 / 2024-09-10

• deps: serve-static@0.16.0
  • Remove link renderization in html while redirecting
• deps: send@0.19.0
  • Remove link renderization in html while redirecting
• deps: body-parser@0.6.0
  • add depth option to customize the depth level in the parser
  • IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)
• Remove link renderization in html while using res.redirect
• deps: path-to-regexp@0.1.10
  • Adds support for named matching groups in the routes using a regex
  • Adds backtracking protection to parameters without regexes defined
• deps: encodeurl@~2.0.0
  • Removes encoding of \, |, and ^ to align better with URL spec
• Deprecate passing options.maxAge and options.expires to res.clearCookie

... (truncated)

Commits

• 12fae14 4.22.1
• 5ddf311 Revert "sec: security patch for CVE-2024-51999"
• 49744ab 4.22.0 (#6921)
• 6e97452 sec: security patch for CVE-2024-51999
• 6a23d34 deps: use tilde notation for qs (#6919)
• 8c12cdf deps: qs@6.14.0 (#6909)
• 7fea74f deps: use tilde notation for certain dependencies (#6905)
• dac7a04 chore: wider range for query test skip (#6513)
• 997919b ci: add node.js 24 to test matrix (#6506)
• 36fb59c fix(ci): reorder npm i steps to fix ci for older node versions (#6336)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by jonchurch, a new releaser for express since your current version.

Updates @vue/cli-plugin-babel from 3.12.1 to 5.0.9

Release notes

Sourced from @​vue/cli-plugin-babel's releases.

v5.0.9

🐛 Bug Fix

• @vue/cli-service
  • #7443 fix: add missing default __VUE_PROD_HYDRATION_MISMATCH_DETAILS__, fixes compatibility with vue 3.5.19 (@​bobvandevijver)

v5.0.8

🐛 Bug Fix

• @vue/cli-service
  • 0260e4d fix: add devServer.server.type to useHttps judgement (vuejs/vue-cli#7222)
• @vue/cli-ui
  • 07052c4 fix: Vue CLI UI graphql subscription server error, fixes vuejs/vue-cli#7221

v5.0.7

• @vue/cli-service
  • #7202, [558dea2] fix: support devServer.server option, avoid deprecation warnings (@​backrunner, @​sodatea)
  • [beffe8a] fix: allow disabling progress plugin via devServer.client.progress
• @vue/cli-ui
  • #7210 chore: upgrade to apollo-server-express 3.x

Committers: 2

• BackRunner (@​backrunner)
• Haoqun Jiang (@​sodatea)

v5.0.6

Fix compatibility with the upcoming Vue 2.7 (currently in alpha) and Vue Loader 15.10 (currently in beta).

In Vue 2.7, vue-template-compiler is no longer a required peer dependency. Rather, there's a new export under the main package as vue/compiler-sfc.

v5.0.5

🐛 Bug Fix

• @vue/cli
  • #7167 fix(upgrade): prevent changing the structure of package.json file during upgrade (@​blzsaa)
• @vue/cli-service
  • #7023 fix: windows vue.config.mjs support (@​xiaoxiangmoe)
• @vue/cli-plugin-e2e-cypress
  • [697bb44] fix: should correctly resolve cypress bin path for Cypress 10 (Note that the project is still created with Cypress 9 by default, but you can upgrade to Cypress 10 on your own now)

Committers: 3

• Martijn Jacobs (@​maerteijn)
• ZHAO Jinxiang (@​xiaoxiangmoe)
• @​blzsaa

v5.0.4

🐛 Bug Fix

• @vue/cli-service
  • #7005 Better handling of publicPath: 'auto' (@​AndreiSoroka)
• @vue/cli-shared-utils, @vue/cli-ui
  • 75826d6 fix: replace node-ipc with @achrinza/node-ipc to further secure the dependency chain

... (truncated)

Changelog

Sourced from @​vue/cli-plugin-babel's changelog.

5.0.9 (2025-08-21)

🐛 Bug Fix

• @vue/cli
  • #7265 fix: pnpm v7 install error (@​lvqq)

Committers: 2

• Bob van de Vijver (@​bobvandevijver)
• chlorine (@​lvqq)

5.0.7 (2022-07-05)

• @vue/cli-service
  • #7202, [558dea2] fix: support devServer.server option, avoid deprecation warnings (@​backrunner, @​sodatea)
  • [beffe8a] fix: allow disabling progress plugin via devServer.client.progress
• @vue/cli-ui
  • #7210 chore: upgrade to apollo-server-express 3.x

Committers: 2

• BackRunner (@​backrunner)
• Haoqun Jiang (@​sodatea)

5.0.6 (2022-06-16)

Fix compatibility with the upcoming Vue 2.7 (currently in alpha) and Vue Loader 15.10 (currently in beta).

In Vue 2.7, vue-template-compiler is no longer a required peer dependency. Rather, there's a new export under the main package as vue/compiler-sfc.

5.0.5 (2022-06-16)

🐛 Bug Fix

• @vue/cli
  • #7167 feat(upgrade): prevent changing the structure of package.json file during upgrade (@​blzsaa)
• @vue/cli-service
  • #7023 fix: windows vue.config.mjs support (@​xiaoxiangmoe)

Committers: 3

• Martijn Jacobs (@​maerteijn)
• ZHAO Jinxiang (@​xiaoxiangmoe)
• @​blzsaa

... (truncated)

Commits

• 7eb93c1 v5.0.9
• b154dbd v5.0.8
• 4a0655f v5.0.7
• ef08a08 v5.0.6
• 98c66c9 v5.0.5
• ca97fc2 v5.0.4
• dd53f26 v5.0.3
• a859b1f v5.0.2
• 92d80a8 v5.0.1
• c913cdc v5.0.0
• Additional commits viewable in compare view

Updates @vue/cli-plugin-eslint from 3.12.1 to 5.0.9

Release notes

Sourced from @​vue/cli-plugin-eslint's releases.

v5.0.9

🐛 Bug Fix

• @vue/cli-service
  • #7443 fix: add missing default __VUE_PROD_HYDRATION_MISMATCH_DETAILS__, fixes compatibility with vue 3.5.19 (@​bobvandevijver)

v5.0.8

🐛 Bug Fix

• @vue/cli-service
  • 0260e4d fix: add devServer.server.type to useHttps judgement (vuejs/vue-cli#7222)
• @vue/cli-ui
  • 07052c4 fix: Vue CLI UI graphql subscription server error, fixes vuejs/vue-cli#7221

v5.0.7

• @vue/cli-service
  • #7202, [558dea2] fix: support devServer.server option, avoid deprecation warnings (@​backrunner, @​sodatea)
  • [beffe8a] fix: allow disabling progress plugin via devServer.client.progress
• @vue/cli-ui
  • #7210 chore: upgrade to apollo-server-express 3.x

Committers: 2

• BackRunner (@​backrunner)
• Haoqun Jiang (@​sodatea)

v5.0.6

Fix compatibility with the upcoming Vue 2.7 (currently in alpha) and Vue Loader 15.10 (currently in beta).

In Vue 2.7, vue-template-compiler is no longer a required peer dependency. Rather, there's a new export under the main package as vue/compiler-sfc.

v5.0.5

🐛 Bug Fix

• @vue/cli
  • #7167 fix(upgrade): prevent changing the structure of package.json file during upgrade (@​blzsaa)
• @vue/cli-service
  • #7023 fix: windows vue.config.mjs support (@​xiaoxiangmoe)
• @vue/cli-plugin-e2e-cypress
  • [697bb44] fix: should correctly resolve cypress bin path for Cypress 10 (Note that the project is still created with Cypress 9 by default, but you can upgrade to Cypress 10 on your own now)

Committers: 3

• Martijn Jacobs (@​maerteijn)
• ZHAO Jinxiang (@​xiaoxiangmoe)
• @​blzsaa

v5.0.4

🐛 Bug Fix

• @vue/cli-service
  • #7005 Better handling of publicPath: 'auto' (@​AndreiSoroka)
• @vue/cli-shared-utils, @vue/cli-ui
  • 75826d6 fix: replace node-ipc with @achrinza/node-ipc to further secure the dependency chain

... (truncated)

Changelog

Sourced from @​vue/cli-plugin-eslint's changelog.

5.0.9 (2025-08-21)

🐛 Bug Fix

• @vue/cli
  • #7265 fix: pnpm v7 install error (@​lvqq)

Committers: 2

• Bob van de Vijver (@​bobvandevijver)
• chlorine (@​lvqq)

5.0.7 (2022-07-05)

• @vue/cli-service
  • #7202, [558dea2] fix: support devServer.server option, avoid deprecation warnings (@​backrunner, @​sodatea)
  • [beffe8a] fix: allow disabling progress plugin via devServer.client.progress
• @vue/cli-ui
  • #7210 chore: upgrade to apollo-server-express 3.x

Committers: 2

• BackRunner (@​backrunner)
• Haoqun Jiang (@​sodatea)

5.0.6 (2022-06-16)

Fix compatibility with the upcoming Vue 2.7 (currently in alpha) and Vue Loader 15.10 (currently in beta).

In Vue 2.7, vue-template-compiler is no longer a required peer dependency. Rather, there's a new export under the main package as vue/compiler-sfc.

5.0.5 (2022-06-16)

🐛 Bug Fix

• @vue/cli
  • #7167 feat(upgrade): prevent changing the structure of package.json file during upgrade (@​blzsaa)
• @vue/cli-service
  • #7023 fix: windows vue.config.mjs support (@​xiaoxiangmoe)

Committers: 3

• Martijn Jacobs (@​maerteijn)
• ZHAO Jinxiang (@​xiaoxiangmoe)
• @​blzsaa

... (truncated)

Commits

• 7eb93c1 v5.0.9
• b154dbd v5.0.8
• 4a0655f v5.0.7
• ef08a08 v5.0.6
• 98c66c9 v5.0.5
• ca97fc2 v5.0.4
• dd53f26 v5.0.3
• a859b1f v5.0.2
• 92d80a8 v5.0.1
• c913cdc v5.0.0
• Additional commits viewable in compare view

Updates @vue/cli-service from 3.12.1 to 5.0.9

Release notes

Sourced from @​vue/cli-service's releases.

v5.0.9

🐛 Bug Fix

• @vue/cli-service
  • #7443 fix: add missing default __VUE_PROD_HYDRATION_MISMATCH_DETAILS__, fixes compatibility with vue 3.5.19 (@​bobvandevijver)

v5.0.8

🐛 Bug Fix

• @vue/cli-service
  • 0260e4d fix: add devServer.server.type to useHttps judgement (vuejs/vue-cli#7222)
• @vue/cli-ui
  • 07052c4 fix: Vue CLI UI graphql subscription server error, fixes vuejs/vue-cli#7221

v5.0.7

• @vue/cli-service
  • #7202, [558dea2] fix: support devServer.server option, avoid deprecation warnings (@​backrunner, @​sodatea)
  • [beffe8a] fix: allow disabling progress plugin via devServer.client.progress
• @vue/cli-ui
  • #7210 chore: upgrade to apollo-server-express 3.x

Committers: 2

• BackRunner (@​backrunner)
• Haoqun Jiang (@​sodatea)

v5.0.6

Fix compatibility with the upcoming Vue 2.7 (currently in alpha) and Vue Loader 15.10 (currently in beta).

In Vue 2.7, vue-template-compiler is no longer a required peer dependency. Rather, there's a new export under the main package as vue/compiler-sfc.

v5.0.5

🐛 Bug Fix

• @vue/cli
  • #7167 fix(upgrade): prevent changing the structure of package.json file during upgrade (@​blzsaa)
• @vue/cli-service
  • #7023 fix: windows vue.config.mjs support (@​xiaoxiangmoe)
• @vue/cli-plugin-e2e-cypress
  • [697bb44] fix: should correctly resolve cypress bin path for Cypress 10 (Note that the project is still created with Cypress 9 by default, but you can upgrade to Cypress 10 on your own now)

Committers: 3

• Martijn Jacobs (@​maerteijn)
• ZHAO Jinxiang (@​xiaoxiangmoe)
• @​blzsaa

v5.0.4

🐛 Bug Fix

• @vue/cli-service
  • #7005 Better handling of publicPath: 'auto' (@​AndreiSoroka)
• @vue/cli-shared-utils, @vue/cli-ui
  • 75826d6 fix: replace node-ipc with @achrinza/node-ipc to further secure the dependency chain

... (truncated)

Changelog

Sourced from @​vue/cli-service's changelog.

5.0.9 (2025-08-21)

🐛 Bug Fix

• @vue/cli
  • #7265 fix: pnpm v7 install error (@​lvqq)

Committers: 2

• Bob van de Vijver (@​bobvandevijver)
• chlorine (@​lvqq)

5.0.7 (2022-07-05)

• @vue/cli-service
  • #7202, [558dea2] fix: support devServer.server option, avoid deprecation warnings (@​backrunner, @​sodatea)
  • [beffe8a] fix: allow disabling progress plugin via devServer.client.progress
• @vue/cli-ui
  • #7210 chore: upgrade to apollo-server-express 3.x

Committers: 2

• BackRunner (@​backrunner)
• Haoqun Jiang (@​sodatea)

5.0.6 (2022-06-16)

Fix compatibility with the upcoming Vue 2.7 (currently in alpha) and Vue Loader 15.10 (currently in beta).

In Vue 2.7, vue-template-compiler is no longer a required peer dependency. Rather, there's a new export under the main package as vue/compiler-sfc.

5.0.5 (2022-06-16)

🐛 Bug Fix

• @vue/cli
  • #7167 feat(upgrade): prevent changing the structure of package.json file during upgrade (@​blzsaa)
• @vue/cli-service
  • #7023 fix: windows vue.config.mjs support (@​xiaoxiangmoe)

Committers: 3

• Martijn Jacobs (@​maerteijn)
• ZHAO Jinxiang (@​xiaoxiangmoe)
• @​blzsaa

... (truncated)

Commits

• 7eb93c1 v5.0.9
• c21c156 fix: add missing default __VUE_PROD_HYDRATION_MISMATCH_DETAILS__ (#7443)
• b154dbd v5.0.8
• 0260e4d fix: add devServer.server.type to useHttps judgement (#7222)
• 4a0655f v5.0.7
• beffe8a fix: allow disabling progress plugin via devServer.client.progress
• 558dea2 fix: support devServer.server option, avoid deprecation warning
• bddd64d fix: optimize the judgment on whether HTTPS has been set in options (#7202)
• ef08a08 v5.0.6
• fcf27e3 fixup! fix: compatibility with Vue 2.7
• Additional commits viewable in compare view

Updates less from 2.7.3 to 4.5.1

Release notes

Sourced from less's releases.

v4.5.1

• Internal test refactor (#4378).
• Initial auto-publishing implementation (#4390 and #4391)

v4.4.2

• #4357 Migrate Less test data to use valid CSS (@​matthew-dean)
• #4363 Fix #4362 no spacing regression for function (@​puckowski)

v4.4.1

• #4342 Add support for CSS scroll state container queries (@​puckowski)
• #4349 Fix #4348 parse layer nesting syntax (@​puckowski)

v4.4.0

• #4337 Add support for layer at-rule (@​puckowski)
• #4340 Add support for import at-rule layer functionality (@​puckowski)
• #4346 Fix #4343 add color operands (@​puckowski)

v4.3.0

#4319 Add deprecation warnings to Less output during parsing and new quiet flag (@​matthew-dean) #4320 Update README.md to remove Lerna reference (@​matthew-dean) #4322 Revise Playwright install method for CI stability (@​puckowski) #4333 Add support for starting-style at rule. (@​puckowski)

v4.2.2

less/less.js#4290 Fix less/less.js#4268 nested pseudo-selector parsing (@​puckowski) less/less.js#4291 Enhance Less.js test environment setup (#4291) (@​iChenLei) less/less.js#4295 Fix less/less.js#4252 container queries created via mixin evaluating variables incorrectly (@​puckowski) less/less.js#4294 Fix less/less.js#3737 allow blank variable declarationd (@​puckowski) less/less.js#4292 Fix less/less.js#4258 variable interpolation after math (@​puckowski) less/less.js#4293 Fix less/less.js#4264 strip line comment from expression (@​puckowski) less/less.js#4302 Fix less/less.js#4301 at-rule declarations missing (@​puckowski) less/less.js#4309 Fix Node 23 CI (#4309) (@​iChenLei)

v4.2.1

• #4235 Fix container style queries extra space resolved (@​puckowski)

v4.2.0

• #3811 add support for container queries (@​puckowski)
• #3761 fix faulty source map generation with variables in selectors, fixes #3567 (@​pgoldberg)
• #3700 parsing variables fail when there is no trailing semicolon (@​b-kelly)
• #3719 modify this pointer so that it is not empty. (@​lumburr)
• #3649 fixes #2991 empty @media queries generated when compiling less file with (reference) to bootstrap (@​MoonCoral)

v4.1.3

• #3673 Feat: add support for case-insensitive attribute selectors (#3673) (@​iChenLei)
• #3710 Feat: add disablePluginRule flag for render() options (#3710) (@​broofa @​edhgoose)
• #3656 Fix #3655 for param tag is null (#3658) (@​langren1353)
• #3658 Fix #3646 forcefully change unsupported input to strings (#3658) (@​gzb1128)
• #3668 Fix change keyword plugin and import regexp (#3668) (@​iChenLei)

... (truncated)

Changelog

Sourced from less's changelog.

Change Log

v4.4.2 (2025-08-27)

• #4357 Migrate Less test data to use valid CSS (@​matthew-dean)
• #4363 Fix #4362 no spacing regression for function (@​puckowski)

v4.4.1 (2025-07-25)

• #4342 Add support for CSS scroll state container queries (@​puckowski)
• #4349 Fix #4348 parse layer nesting syntax (@​puckowski)

v4.4.0 (2025-05-31)

• #4337 Add support for layer at-rule (@​puckowski)
• #4340 Add support for import at-rule layer functionality (@​puckowski)
• #4346 Fix #4343 add color operands (@​puckowski)

v4.3.0 (2025-04-04)

• #4319 Add deprecation warnings to Less output during parsing and new quiet flag (@​matthew-dean)
• #4320 Update README.md to remove Lerna reference (@​matthew-dean)
• #4322 Revise Playwright install method for CI stability (@​puckowski)
• #4333 Add support for starting-style at rule. (@​puckowski)

v4.2.2 (2025-01-04)

• #4290 Fix #4268 nested pseudo-selector parsing (@​puckowski)
• #4291 Enhance Less.js test environment setup (#4291) (@​iChenLei)
• #4295 Fix #4252 container queries created via mixin evaluating variables incorrectly (@​puckowski)
• #4294 Fix #3737 allow blank variable declarationd (@​puckowski)
• #4292 Fix #4258 variable interpolation after math (@​puckowski)
• #4293 Fix #4264 strip line comment from expression (@​puckowski)
• #4302 Fix #4301 at-rule declarations missing (@​puckowski)
• #4309 Fix Node 23 CI (#4309) (@​iChenLei)

v4.2.1 (2024-09-26)

• #4237 Fix #4235 container style queries extra space resolved (@​puckowski)

v4.2.0 (2023-08-06)

• #3811 add support for container queries (@​puckowski)
• #3761 fix faulty source map generation with variables in selectors, fixes #3567 (@​pgoldberg)
• #3700 parsing variables fail when there is no trailing semicolon (@​b-kelly)
• #3719 modify this pointer so that it is not empty. (@​lumburr)
• #3649 fixes #2991 empty @​media queries generated when compiling less file with (reference) to bootstrap (@​MoonCoral)

v4.1.3 (2022-06-09)

• #3673 Feat: add support for case-insensitive attribute selectors (#3673) (@​iChenLei)
• #3710 Feat: add disablePluginRule flag for render() options (#3710) (@​broofa @​edhgoose)

... (truncated)

Commits

• 6e81606 Fix auto-publishing permissions / graceful fallback (#4391)
• 5cd329c Set up auto-publishing and alpha branch (#4390)
• 4322869 [Needs reviews!] Mega test refactor (#4378)
• 1bde4bd Release/v4.4.2 (#4364)
• 5ed7100 fix(issue#4362) no spacing regression for function (#4363)
• 9c06159 Migrate Less to use valid CSS (#4357)
• 9d345ff Release v4.4.1 (#4351)
• 6e0095d CSS scroll state container queries and improved function handling (#4342)
• 01a187e fix(issue#4348): parse layer nesting syntax (#4349)
• 033e3b3 Release v4.4.0 (#4345)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for less since your current version.

Install script changes

This version adds postinstall script that runs during installation. Review the package contents before updating.

Updates node-sass from 4.14.1 to 9.0.0

Release notes

Sourced from node-sass's releases.

v9.0.0

What's Changed

• Node 20 support by @​nschonni in sass/node-sass#3355

Breaking changes

• Drop support for Node 14 (@​nschonni)

Supported Environments

OS	Architecture	Node
Windows	x86 & x64	16, 18, 19, 20
OSX	x64	16, 18, 19, 20
Linux*	x64	16, 18, 19, 20
Alpine Linux	x64	16, 18, 19, 20

*Linux support refers to major distributions like Ubuntu, and Debian

v8.0.0

What's Changed

• Fix binaries being partially downloaded by @​xzyfer in sass/node-sass#3313
• Bump node-gyp and nan for node 19 support by @​xzyfer in