Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update postcss-selector-parser requirement from ^3.1.0 to ^5.0.0 #4255

Closed
wants to merge 1 commit into from
Closed

Update postcss-selector-parser requirement from ^3.1.0 to ^5.0.0 #4255

wants to merge 1 commit into from

Conversation

dependabot-preview[bot]
Copy link
Contributor

Updates the requirements on postcss-selector-parser to permit the latest version.

Release notes

Sourced from postcss-selector-parser's releases.

5.0.0

Summary of Changes

  • The way a descendent combinator that isn't a single space character (E.g. .a .b) is stored in the AST has changed.
  • Named Combinators (E.g. .a /for/ .b) are now properly parsed as a combinator.
  • It is now possible to look up a node based on the source location of a character in that node and to query nodes if they contain some character.
  • Several bug fixes that caused the parser to hang and run out of memory when a / was encountered have been fixed.
  • The minimum supported version of Node is now v6.0.0.

Changes to the Descendent Combinator

In prior releases, the value of a descendant combinator with multiple spaces included all the spaces.

  • .a .b: Extra spaces are now stored as space before.
    • Old & Busted:
      • combinator.value === " "
    • New hotness:
      • combinator.value === " " && combinator.spaces.before === " "
  • .a /*comment*/.b: A comment at the end of the combinator causes extra space to become after space.
    • Old & Busted:
      • combinator.value === " "
      • combinator.raws.value === " /*comment/"
    • New hotness:
      • combinator.value === " "
      • combinator.spaces.after === " "
      • combinator.raws.spaces.after === " /*comment*/"
  • .a<newline>.b: whitespace that doesn't start or end with a single space character is stored as a raw value.
    • Old & Busted:
      • combinator.value === "\n"
      • combinator.raws.value === undefined
    • New hotness:
      • combinator.value === " "
      • combinator.raws.value === "\n"

Support for "Named Combinators"

Although, nonstandard and unlikely to ever become a standard, combinators like /deep/ and /for/ are now properly supported.

Because they've been taken off the standardization track, there is no spec-official name for combinators of the form /<ident>/. However, I talked to Tab Atkins and we agreed to call them "named combinators" so now they are called that.

Before this release such named combinators were parsed without intention and generated three nodes of type "tag" where the first and last nodes had a value of "/".

  • .a /for/ .b is parsed as a combinator.
    • Old & Busted:
      • root.nodes[0].nodes[1].type === "tag"
      • root.nodes[0].nodes[1].value === "/"
    • New hotness:
      • root.nodes[0].nodes[1].type === "combinator"
      • root.nodes[0].nodes[1].value === "/for/"
  • .a /F\6fR/ .b escapes are handled and uppercase is normalized.
... (truncated)
Changelog

Sourced from postcss-selector-parser's changelog.

5.0.0

  • Allow escaped dot within class name.
  • Update PostCSS to 7.0.7 (patch)

5.0.0-rc.4

  • Fixed an issue where comments immediately after an insensitive (in attribute)
    were not parsed correctly.
  • Updated cssesc to 2.0.0 (major).
  • Removed outdated integration tests.
  • Added tests for custom selectors, tags with attributes, the universal
    selector with pseudos, and tokens after combinators.

5.0.0-rc.1

To ease adoption of the v5.0 release, we have relaxed the node version
check performed by npm at installation time to allow for node 4, which
remains officially unsupported, but likely to continue working for the
time being.

5.0.0-rc.0

This release has BREAKING CHANGES that were required to fix regressions
in 4.0.0 and to make the Combinator Node API consistent for all combinator
types. Please read carefully.

Summary of Changes

  • The way a descendent combinator that isn't a single space character (E.g. .a .b) is stored in the AST has changed.
  • Named Combinators (E.g. .a /for/ .b) are now properly parsed as a combinator.
  • It is now possible to look up a node based on the source location of a character in that node and to query nodes if they contain some character.
  • Several bug fixes that caused the parser to hang and run out of memory when a / was encountered have been fixed.
  • The minimum supported version of Node is now v6.0.0.

Changes to the Descendent Combinator

In prior releases, the value of a descendant combinator with multiple spaces included all the spaces.

  • .a .b: Extra spaces are now stored as space before.
    • Old & Busted:
      • combinator.value === " "
    • New hotness:
      • combinator.value === " " && combinator.spaces.before === " "
  • .a /*comment*/.b: A comment at the end of the combinator causes extra space to become after space.
    • Old & Busted:
      • combinator.value === " "
      • combinator.raws.value === " /*comment/"
    • New hotness:
      • combinator.value === " "
... (truncated)
Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot will not automatically merge this PR because it includes an out-of-range update to a production dependency.

Note: This repo was added to Dependabot recently, so you'll receive a maximum of 5 PRs for your first few update runs. Once an update run creates fewer than 5 PRs we'll remove that limit.

You can always request more updates by clicking Bump now in your Dependabot dashboard.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Pull request limits (per update run and/or open at any time)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

Finally, you can contact us by mentioning @dependabot.

@dependabot-preview
Update postcss-selector-parser requirement from ^3.1.0 to ^5.0.0
ab10008 
Updates the requirements on [postcss-selector-parser](https://github.com/postcss/postcss-selector-parser) to permit the latest version.
- [Release notes](https://github.com/postcss/postcss-selector-parser/releases)
- [Changelog](https://github.com/postcss/postcss-selector-parser/blob/master/CHANGELOG.md)
- [Commits](postcss/postcss-selector-parser@v3.1.0...5.0.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
@vankop
Copy link
Member

vankop commented Sep 5, 2019

@dependabot help

@dependabot-preview
Copy link
Contributor Author

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Pull request limits (per update run and/or open at any time)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

Finally, you can contact us by mentioning @dependabot.

@vankop
Copy link
Member

vankop commented Sep 5, 2019

@hudochenkov @dependabot ignore this dependency ?

@hudochenkov
Copy link
Member

@dependabot ignore this minor version

@dependabot-preview
Copy link
Contributor Author

OK, I won't notify you about version 5.0.x again, unless you re-open this PR or update to a 5.0.x release yourself.

@dependabot-preview dependabot-preview bot deleted the dependabot/npm_and_yarn/postcss-selector-parser-tw-5.0.0 branch September 5, 2019 10:54
@hudochenkov
Copy link
Member

@vankop completely ignoring would be too drastic solution.

@hudochenkov
Copy link
Member

Update is happening in #3988

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@vankop @hudochenkov