Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

update postcss to patched version #1408

merged 1 commit into from May 21, 2021


Copy link

postcss from 7.0.0 and before 8.2.10 are vulnerable to Regular Expression Denial of Service (ReDoS) during source map parsing, as stated in this advisory:
This PR seeks to update the postcss package to a patched version.

@ai ai merged commit 190569b into postcss:main May 21, 2021
0 of 4 checks passed
Copy link

ai commented May 21, 2021

I also updated yarn.lock: 60ae9a6

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
None yet
None yet

Successfully merging this pull request may close these issues.

None yet

2 participants