[Snyk] Upgrade: markdown-it, , algoliasearch, autoprefixer, cheerio, highlight.js, markdown-it-attrs, postcss, sass, tailwindcss, terser #1
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Snyk has created this PR to upgrade multiple dependencies.
👯 The following dependencies are linked and will therefore be updated together.ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
markdown-it
from 13.0.1 to 13.0.2 | 1 version ahead of your current version | a year ago
on 2023-09-26
@11ty/eleventy-fetch
from 4.0.0 to 4.0.1 | 1 version ahead of your current version | 6 months ago
on 2024-03-04
algoliasearch
from 4.22.1 to 4.24.0 | 5 versions ahead of your current version | 3 months ago
on 2024-06-25
autoprefixer
from 10.4.17 to 10.4.20 | 3 versions ahead of your current version | a month ago
on 2024-08-02
cheerio
from 1.0.0-rc.12 to 1.0.0 | 1 version ahead of your current version | a month ago
on 2024-08-09
highlight.js
from 11.7.0 to 11.10.0 | 3 versions ahead of your current version | 2 months ago
on 2024-07-06
markdown-it-attrs
from 4.1.6 to 4.2.0 | 1 version ahead of your current version | a month ago
on 2024-08-11
postcss
from 8.4.34 to 8.4.41 | 7 versions ahead of your current version | a month ago
on 2024-08-05
sass
from 1.58.2 to 1.77.8 | 49 versions ahead of your current version | 2 months ago
on 2024-07-11
tailwindcss
from 3.4.1 to 3.4.10 | 9 versions ahead of your current version | a month ago
on 2024-08-13
terser
from 5.27.0 to 5.31.6 | 19 versions ahead of your current version | a month ago
on 2024-08-13
Issues fixed by the recommended upgrade:
SNYK-JS-MARKDOWNIT-6483324
Release notes
Package name: markdown-it
13.0.2 released
Merge branch 'master' of github.com:markdown-it/markdown-it
Package name: @11ty/eleventy-fetch
No content.
What's Changed
dryRun
will allow reading of cached files for re-use in serverless contexts, thank you @ ryangittings! #28Full Milestone: https://github.com/11ty/eleventy-fetch/issues?q=is%3Aclosed+milestone%3A%22Eleventy+Fetch+v4.0.0%22
Full Changelog: v3.0.0...v4.0.0
Package name: algoliasearch
Package name: autoprefixer
fit-content
prefix for Firefox.end value has mixed support, consider using flex-end
warning sinceend
/start
now have good support.-webkit-box-orient
on-webkit-line-clamp
(@ Goodwine).user-select: contain
prefixes.Package name: cheerio
Cheerio 1.0 is here! 🎉
Announcement Blog Post
Breaking Changes
The minimum NodeJS version is now 18.17 or higher #3959
Import paths were simplified. For example, use
cheerio/slim
instead ofcheerio/lib/slim
. #3970The deprecated default Cheerio instance and static methods were removed. #3974
Before, it was possible to write code like this:
html(cheerio('<test></test>')); // ~ '<test></test>' -- NO LONGER WORKS
Make sure to always load documents first:
cheerio.load('<test></test>').html();
Node types previously re-exported by Cheerio must now be imported directly
from (
domhandler
)(https://github.com/fb55/domhandler). #3969htmlparser2 options now reside exclusively under the
xml
key (#2916):New Features
Fixes
cheerio/utils
by @ blixt in #2601data
, and simplify by @ fb55 in #2818closest
be able to start from text nodes by @ Qualtagh in #2811Other
Full Changelog: v1.0.0-rc.12...v1.0.0
Bugfix release. Fixed issues:
prop
undefined handling with jQuery by @ fb55 in #2557cheerio/lib/utils
by @ blixt in #2601New Contributors
Full Changelog: v1.0.0-rc.11...v1.0.0-rc.12
Package name: highlight.js
Sorry for the wait, this one is a doozie, thanks to all the contributors who made it possible!
CAVEATS / POTENTIALLY BREAKING CHANGES
Important
This version drops support for Node 16.x, which is no longer supported by Node.js.
Core Grammars:
satisfies
operator Kisaragi Hiuor
conflicts with string highlighting Mohamed Aliself
variable [Lee Falin][]goto
to be recognized as a keyword in Java Alvin Joysudo
Alvin Joynew
keyword without capturing it within variables/class names Cameron Taylor_
separators, add hex p exponents Lisa Ugrayjustify-items
andjustify-self
attributes Vasily Polovnyovaccent-color
,appearance
,color-scheme
,rotate
,scale
andtranslate
attributes Carl Räftingselect
,option
,optgroup
,picture
andsource
to list of known tags Vasily Polovnyovinset
,inset-*
,border-start-*-radius
andborder-end-*-radius
attributes Vasily Polovnyovtext-decoration-skip-ink
,text-decoration-thickness
andtext-underline-offset
attributes Vasily PolovnyovNew Grammars:
Developer Tool:
highlight
API Misha KaletskyThemes:
1c-light
theme a like in the IDE 1C:Enterprise 8 (for 1c) Vitaly BarilkoVersion 11.9.0
CAVEATS / POTENTIALLY BREAKING CHANGES
node
buildstyles/*.css
files now ship un-minifiedwith minified counterparts as:
styles/*.min.css
mvorisek(this makes things consistent with our
cdn
builds)Parser:
New Grammars:
Core Grammars:
if
while
for
[Omar Hussein][]x0-x30
andw0-w30
ARMv8 registers Nicholas Thompsonfinal
,is
,macro
keywords and$
identifiers Robert Borgheseabstract
declaration from keyword Robert Borghesemacro
keyword Bradley Mackey@ unchecked
and@ Sendable
support Bradley Mackey//> using foo bar
[Jamie Thompson][]!assert
compiler flag [idleberg][]eprintln!
macro qoheniacwarn_unqualified_access
is an attribute Bradley Mackeyrecord
andvar
as keywords Guillaume LaforgeDeveloper Tool:
highlight
API. Shah Shabbir AhmmedChangelog
Parser engine:
__emitTokens
key to grammars to allow then to direct their own parsing, only using Highlight.js for the HTML rendering Josh GoebelremovePlugin
api faga295JavaScript
Cyrus KaoNew Grammars:
Core Grammars:
_
in variable names [joshgoebel][]proto
alias for Protobuf [dimitropoulos][]base
,interface
,sealed
, andwhen
keywords Sam Rawlins->
operator legal) Keyacomselect
anduntil
as keywordsVersion 11.7.0
New Grammars:
Grammars:
scm
alias for Scheme matyklug18<T =
are not JSX Josh Goebel((
keyword Nick Chambersimport()
as a function, rather a keyword nathnolt((
keyword Nick ChambersImprovements:
Package name: markdown-it-attrs
What's Changed
New Contributors
Full Changelog: v4.1.6...v4.2.0
Fix empty quoted attr value eats the next attr: #147
Thanks @ ZakKemble
Package name: postcss
CssSyntaxError
types (by @ romainmenke).endIndex: 0
in errors and warnings (by @ romainmenke).Package name: sass
To install Sass 1.77.8, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.
Changes
See the full changelog for changes in earlier releases.
See sass/sass#3885
…264)
To install Sass 1.77.5, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.
Changes
@ extend
.See the full changelog for changes in earlier releases.
To install Sass 1.77.4, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.
Changes
Embedded Sass
Support passing
Version
input forfatalDeprecations
as string over embedded protocol.Fix a bug in the JS Embedded Host where
Version
could be incorrectly accepted as input forsilenceDeprecations
andfutureDeprecations
in pure JS.See the full changelog for changes in earlier releases.
Package name: tailwindcss
Fixed
Fixed
vendor
foldersFixed
Fixed
data-*
andaria-*
modifiers are always quoted in the generated CSS (#14037)Fixed
Changed
:is()
wrapping rules when using an important selector (#13900)Fixed
var()
injection for anchor properties (#13826)blur(0px)
forbackdrop-blur-none
andblur-none
utilities (#13830).mts
and.cts
config file detection (#13940)px-1
unnecessarily when using utilities likepx-1.5
(#13959)-webkit-backdrop-filter
forbackdrop-*
utilities (#13997)Package name: terser
5.31.6
5.31.5
5.31.4
5.31.3
5.31.2
5.31.1
5.31.0
5.30.4
5.30.3
5.30.2
Important
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information: