[Snyk] Upgrade css-loader from 1.0.0 to 1.0.1 #49

snyk-bot · 2020-03-23T23:42:43Z

Snyk has created this PR to upgrade css-loader from 1.0.0 to 1.0.1.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version is 1 version ahead of your current version.
The recommended version was released a year ago, on 2018-10-29.

The recommended version fixes:

Severity	Issue	Exploit Maturity
	Prototype Pollution SNYK-JS-MINIMIST-559764	Proof of Concept

Release notes

Package name: css-loader

1.0.1 - 2018-10-29
2018-10-29

Bug Fixes
- loader: trim unquoted import urls (#783) (21fcddf)
1.0.0 - 2018-07-06
2018-07-06

BREAKING CHANGES
- remove minimize option, use postcss-loader with cssnano or use optimize-cssnano-plugin plugin
- remove module option, use modules option instead
- remove camelcase option, use camelCase option instead
- remove root option, use postcss-loader with postcss-url plugin
- remove alias option, use resolve.alias feature or use postcss-loader with postcss-url plugin
- update postcss to 6 version
- minimum require nodejs version is 6.9
- minimum require webpack version is 4

from css-loader GitHub release notes

Commit messages

Package name: css-loader

10c3bc3 chore(release): 1.0.1
e6cb60e chore(package): switch from `lodash.camelcase` to `lodash` (`dependencies`) (#784)
21fcddf fix(loader): trim unquoted import urls (#783)
67b2f20 docs(readme): fix various typos (#782)

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs