chore(deps): update dependency postcss to v8.4.31 [security] #3630

renovate · 2023-10-08T03:39:24Z

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
postcss (source)	`8.4.28` -> `8.4.31`

GitHub Vulnerability Alerts

CVE-2023-44270

An issue was discovered in PostCSS before 8.4.31. It affects linters using PostCSS to parse external Cascading Style Sheets (CSS). There may be \r discrepancies, as demonstrated by @font-face{ font:(\r/*);} in a rule.

Release Notes

postcss/postcss (postcss)

`v8.4.31`

Compare Source

Fixed \r parsing to fix CVE-2023-44270.

`v8.4.30`

Compare Source

Improved source map performance (by Romain Menke).

`v8.4.29`

Compare Source

Fixed Node#source.offset (by Ido Rosenthal).
Fixed docs (by Christian Oliff).

Configuration

📅 Schedule: Branch creation - "" in timezone Asia/Singapore, Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

vercel · 2023-10-08T03:39:26Z

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
nusmods-export	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	Oct 8, 2023 3:42am
nusmods-website	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	Oct 8, 2023 3:42am

codecov · 2023-10-08T03:42:37Z

Codecov Report

All modified lines are covered by tests ✅

Comparison is base (a14f8e1) 53.44% compared to head (326c0a2) 53.24%.

Additional details and impacted files

@@            Coverage Diff             @@
##           master    #3630      +/-   ##
==========================================
- Coverage   53.44%   53.24%   -0.21%     
==========================================
  Files         271      271              
  Lines        5862     5862              
  Branches     1396     1396              
==========================================
- Hits         3133     3121      -12     
- Misses       2729     2741      +12

see 1 file with indirect coverage changes

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

* chore(deps): update dependency postcss to v8.4.31 [security] (#3630) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> * feat(cpex): add standalone scraper (#3622) * chore(cpex): set term to next term instead of current (#3631) * Change MPE to CPE and Open MPE (#3623) * Fix serverless function not working (#3623) * Change modules to courses (#3623) * Change inS1 and inS2 from mpe to cpex and fix private key parsing (#3623) --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Christopher Goh <chrisgzf@gmail.com> Co-authored-by: Ravern Koh <ravernkoh@gmail.com>

* chore(deps): update dependency postcss to v8.4.31 [security] (#3630) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> * feat(cpex): add standalone scraper (#3622) * chore(cpex): set term to next term instead of current (#3631) * Change MPE to CPE and Open MPE (#3623) * Fix serverless function not working (#3623) * Change modules to courses (#3623) * Change inS1 and inS2 from mpe to cpex and fix private key parsing (#3623) * Change package.json to use openssl legacy (#3623) Change package.json to set env variable(#3623) * Remove nodeoptions from package.json and change mpe api link (#3623) --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Christopher Goh <chrisgzf@gmail.com> Co-authored-by: Ravern Koh <ravernkoh@gmail.com>

…fications#3632) * chore(deps): update dependency postcss to v8.4.31 [security] (nusmodifications#3630) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> * feat(cpex): add standalone scraper (nusmodifications#3622) * chore(cpex): set term to next term instead of current (nusmodifications#3631) * Change MPE to CPE and Open MPE (nusmodifications#3623) * Fix serverless function not working (nusmodifications#3623) * Change modules to courses (nusmodifications#3623) * Change inS1 and inS2 from mpe to cpex and fix private key parsing (nusmodifications#3623) --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Christopher Goh <chrisgzf@gmail.com> Co-authored-by: Ravern Koh <ravernkoh@gmail.com>

* chore(deps): update dependency postcss to v8.4.31 [security] (nusmodifications#3630) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> * feat(cpex): add standalone scraper (nusmodifications#3622) * chore(cpex): set term to next term instead of current (nusmodifications#3631) * Change MPE to CPE and Open MPE (nusmodifications#3623) * Fix serverless function not working (nusmodifications#3623) * Change modules to courses (nusmodifications#3623) * Change inS1 and inS2 from mpe to cpex and fix private key parsing (nusmodifications#3623) * Change package.json to use openssl legacy (nusmodifications#3623) Change package.json to set env variable(nusmodifications#3623) * Remove nodeoptions from package.json and change mpe api link (nusmodifications#3623) --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Christopher Goh <chrisgzf@gmail.com> Co-authored-by: Ravern Koh <ravernkoh@gmail.com>

…fications#3632) * chore(deps): update dependency postcss to v8.4.31 [security] (nusmodifications#3630) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> * feat(cpex): add standalone scraper (nusmodifications#3622) * chore(cpex): set term to next term instead of current (nusmodifications#3631) * Change MPE to CPE and Open MPE (nusmodifications#3623) * Fix serverless function not working (nusmodifications#3623) * Change modules to courses (nusmodifications#3623) * Change inS1 and inS2 from mpe to cpex and fix private key parsing (nusmodifications#3623) --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Christopher Goh <chrisgzf@gmail.com> Co-authored-by: Ravern Koh <ravernkoh@gmail.com>

* chore(deps): update dependency postcss to v8.4.31 [security] (nusmodifications#3630) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> * feat(cpex): add standalone scraper (nusmodifications#3622) * chore(cpex): set term to next term instead of current (nusmodifications#3631) * Change MPE to CPE and Open MPE (nusmodifications#3623) * Fix serverless function not working (nusmodifications#3623) * Change modules to courses (nusmodifications#3623) * Change inS1 and inS2 from mpe to cpex and fix private key parsing (nusmodifications#3623) * Change package.json to use openssl legacy (nusmodifications#3623) Change package.json to set env variable(nusmodifications#3623) * Remove nodeoptions from package.json and change mpe api link (nusmodifications#3623) --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Christopher Goh <chrisgzf@gmail.com> Co-authored-by: Ravern Koh <ravernkoh@gmail.com>

* chore(deps): update dependency postcss to v8.4.31 [security] (#3630) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> * feat(cpex): add standalone scraper (#3622) * chore(cpex): set term to next term instead of current (#3631) * Change MPE to CPE and Open MPE (#3623) * Fix serverless function not working (#3623) * Change modules to courses (#3623) * Change inS1 and inS2 from mpe to cpex and fix private key parsing (#3623) --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Christopher Goh <chrisgzf@gmail.com> Co-authored-by: Ravern Koh <ravernkoh@gmail.com>

* chore(deps): update dependency postcss to v8.4.31 [security] (#3630) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> * feat(cpex): add standalone scraper (#3622) * chore(cpex): set term to next term instead of current (#3631) * Change MPE to CPE and Open MPE (#3623) * Fix serverless function not working (#3623) * Change modules to courses (#3623) * Change inS1 and inS2 from mpe to cpex and fix private key parsing (#3623) * Change package.json to use openssl legacy (#3623) Change package.json to set env variable(#3623) * Remove nodeoptions from package.json and change mpe api link (#3623) --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Christopher Goh <chrisgzf@gmail.com> Co-authored-by: Ravern Koh <ravernkoh@gmail.com>

* Change MPE to CPE and Open MPE (#3623) (#3627) Prepare for CPEx open * Fix serverless function error 500 in vercel (#3623) (#3628) * Fix serverless function not working (#3623) * Change modules to courses (#3623) (#3629) * Change modules to courses (#3623) * Change inS1 and inS2 MPE to CPEx and fix private key parsing (#3632) * chore(deps): update dependency postcss to v8.4.31 [security] (#3630) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> * feat(cpex): add standalone scraper (#3622) * chore(cpex): set term to next term instead of current (#3631) * Change MPE to CPE and Open MPE (#3623) * Fix serverless function not working (#3623) * Change modules to courses (#3623) * Change inS1 and inS2 from mpe to cpex and fix private key parsing (#3623) --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Christopher Goh <chrisgzf@gmail.com> Co-authored-by: Ravern Koh <ravernkoh@gmail.com> * Update nus-auth.ts (#3623) Remove previous changes * Try to fix openssl legacy error (#3623) * chore(deps): update dependency postcss to v8.4.31 [security] (#3630) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> * feat(cpex): add standalone scraper (#3622) * chore(cpex): set term to next term instead of current (#3631) * Change MPE to CPE and Open MPE (#3623) * Fix serverless function not working (#3623) * Change modules to courses (#3623) * Change inS1 and inS2 from mpe to cpex and fix private key parsing (#3623) * Change package.json to use openssl legacy (#3623) Change package.json to set env variable(#3623) * Remove nodeoptions from package.json and change mpe api link (#3623) --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Christopher Goh <chrisgzf@gmail.com> Co-authored-by: Ravern Koh <ravernkoh@gmail.com> * Update ModuleForm.tsx to use CPEx (#3623) * Update FAQ to point to CPEx FAQ (#3623) * Regenerate yarn lockfile using yarn classic v1 --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Christopher Goh <chrisgzf@gmail.com> Co-authored-by: Ravern Koh <ravernkoh@gmail.com>

* chore(deps): update dependency postcss to v8.4.31 [security] (nusmodifications#3630) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> * feat(cpex): add standalone scraper (nusmodifications#3622) * chore(cpex): set term to next term instead of current (nusmodifications#3631) * Change MPE to CPE and Open MPE (nusmodifications#3623) * Fix serverless function not working (nusmodifications#3623) * Change modules to courses (nusmodifications#3623) * Change inS1 and inS2 from mpe to cpex and fix private key parsing (nusmodifications#3623) * Change package.json to use openssl legacy (nusmodifications#3623) Change package.json to set env variable(nusmodifications#3623) * Remove nodeoptions from package.json and change mpe api link (nusmodifications#3623) --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Christopher Goh <chrisgzf@gmail.com> Co-authored-by: Ravern Koh <ravernkoh@gmail.com>

chore(deps): update dependency postcss to v8.4.31 [security]

326c0a2

renovate bot added the dependencies label Oct 8, 2023

renovate bot enabled auto-merge (squash) October 8, 2023 03:39

renovate-approve bot approved these changes Oct 8, 2023

View reviewed changes

vercel bot deployed to Preview – nusmods-export October 8, 2023 03:40 View deployment

vercel bot deployed to Preview – nusmods-website October 8, 2023 03:42 View deployment

renovate bot merged commit 7312bf0 into master Oct 8, 2023
5 of 6 checks passed

renovate bot deleted the renovate/npm-postcss-vulnerability branch October 8, 2023 03:43

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): update dependency postcss to v8.4.31 [security] #3630

chore(deps): update dependency postcss to v8.4.31 [security] #3630

renovate bot commented Oct 8, 2023

vercel bot commented Oct 8, 2023 •

edited

Loading

codecov bot commented Oct 8, 2023

chore(deps): update dependency postcss to v8.4.31 [security] #3630

chore(deps): update dependency postcss to v8.4.31 [security] #3630

Conversation

renovate bot commented Oct 8, 2023

GitHub Vulnerability Alerts

CVE-2023-44270

Release Notes

v8.4.31

v8.4.30

v8.4.29

Configuration

vercel bot commented Oct 8, 2023 • edited Loading

codecov bot commented Oct 8, 2023

Codecov Report

`v8.4.31`

`v8.4.30`

`v8.4.29`

vercel bot commented Oct 8, 2023 •

edited

Loading