Merge #471

471: Bump css-brunch from 2.0.0 to 2.10.0 r=notriddle a=dependabot[bot]

Bumps [css-brunch](https://github.com/brunch/css-brunch) from 2.0.0 to 2.10.0.
<details>
<summary>Changelog</summary>

*Sourced from [css-brunch's changelog](https://github.com/brunch/css-brunch/blob/master/CHANGELOG.md).*

> # css-brunch `<unreleased>`
> * Added support for CSS Modules with Brunch `<unreleased>`.
</details>
<details>
<summary>Commits</summary>

- [`60a07b5`](brunch/css-brunch@60a07b5) Release 2.10.0.
- [`bb6aedd`](brunch/css-brunch@bb6aedd) Deprecate css-brunch ([#14](https://github-redirect.dependabot.com/brunch/css-brunch/issues/14))
- [`099731b`](brunch/css-brunch@099731b) Update README.md
- [`3ae66b6`](brunch/css-brunch@3ae66b6) Fix brunch/brunch#1486 ([#13](https://github-redirect.dependabot.com/brunch/css-brunch/issues/13))
- [`0289ac7`](brunch/css-brunch@0289ac7) Merge pull request [#10](https://github-redirect.dependabot.com/brunch/css-brunch/issues/10) from rxfork/css-modules-options
- [`3f8aad0`](brunch/css-brunch@3f8aad0) Pass options from config to postcss-modules
- [`bc60ffe`](brunch/css-brunch@bc60ffe) Update postcss to 5.1.2 and postcss-modules to 0.5.0
- [`8c005db`](brunch/css-brunch@8c005db) Merge pull request [#7](https://github-redirect.dependabot.com/brunch/css-brunch/issues/7) from brunch/eslint2
- [`485fb55`](brunch/css-brunch@485fb55) css modules
- [`e317df6`](brunch/css-brunch@e317df6) Release 2.6.1.
- Additional commits viewable in [compare view](brunch/css-brunch@2.0.0...2.10.0)
</details>
<br />

[![Dependabot compatibility score](https://api.dependabot.com/badges/compatibility_score?dependency-name=css-brunch&package-manager=npm_and_yarn&previous-version=2.0.0&new-version=2.10.0)](https://dependabot.com/compatibility-score.html?dependency-name=css-brunch&package-manager=npm_and_yarn&previous-version=2.0.0&new-version=2.10.0)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

**Note:** This repo was added to Dependabot recently, so you'll receive a maximum of 5 PRs for your first few update runs. Once an update run creates fewer than 5 PRs we'll remove that limit.

You can always request more updates by clicking `Bump now` in your [Dependabot dashboard](https://app.dependabot.com).

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot ignore this [patch|minor|major] version` will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
- `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com):
- Update frequency (including time of day and day of week)
- Automerge options (never/patch/minor, and dev/runtime dependencies)
- Pull request limits (per update run and/or open at any time)
- Out-of-range updates (receive only lockfile updates, if desired)
- Security updates (receive only security updates, if desired)

Finally, you can contact us by mentioning @dependabot.

</details>

Co-authored-by: dependabot[bot] <support@dependabot.com>