Skip to content

chore(deps): bump postcss from 8.5.6 to 8.5.15#7529

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/postcss-8.5.15
Closed

chore(deps): bump postcss from 8.5.6 to 8.5.15#7529
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/postcss-8.5.15

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 22, 2026
edited
Loading

⚠️ Dependabot is rebasing this PR ⚠️

Rebasing might not happen immediately, so don't worry if this takes some time.

Note: if you make any changes to this PR yourself, they will take precedence over the rebase.

Bumps postcss from 8.5.6 to 8.5.15.

Release notes

Sourced from postcss's releases.

8.5.15

  • Fixed declaration parsing performance (by @​homanp).

8.5.14

8.5.13

  • Fixed postcss-scss commend regression.

8.5.12

  • Fixed reading any file via user-generated CSS.
  • Added opts.unsafeMap to disable checks.

8.5.11

  • Fixed nested brackets parsing performance (by @​offset).

8.5.10

  • Fixed XSS via unescaped </style> in non-bundler cases (by @​TharVid).

8.5.9

  • Speed up source map encoding paring in case of the error.

8.5.8

  • Fixed Processor#version.

8.5.7

  • Improved source map annotation cleaning performance (by CodeAnt AI).
Changelog

Sourced from postcss's changelog.

8.5.15

  • Fixed declaration parsing performance (by @​homanp).

8.5.14

8.5.13

  • Fixed postcss-scss commend regression.

8.5.12

  • Fixed reading any file via user-generated CSS.
  • Added opts.unsafeMap to disable checks.

8.5.11

  • Fixed nested brackets parsing performance (by @​offset).

8.5.10

  • Fixed XSS via unescaped </style> in non-bundler cases (by @​TharVid).

8.5.9

  • Speed up source map encoding paring in case of the error.

8.5.8

  • Fixed Processor#version.

8.5.7

  • Improved source map annotation cleaning performance (by CodeAnt AI).
Commits
  • eae46db Release 8.5.15 version
  • 79508ff Update CI actions
  • b128e21 Speed up declaration parsing by avoiding creating new array on each token
  • 9825dca Fix code format
  • 55789c8 Update dependencies
  • 84fbbe9 Install older pnpm action for old Node.js
  • 9f860bd Revert pnpm action for old Node.js
  • 0877198 Update CI actions
  • b2d1a33 Fix linter warnings
  • 0700dac Merge pull request #2088 from rootvector2/add-oss-fuzz-harness
  • Additional commits viewable in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels May 22, 2026
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/postcss-8.5.15 branch from 14bcad4 to 073c611 Compare May 23, 2026 00:15
@radium-v radium-v mentioned this pull request May 24, 2026
Merged
2 tasks
@dependabot
chore(deps): bump postcss from 8.5.6 to 8.5.15
65d05e4 
Bumps [postcss](https://github.com/postcss/postcss) from 8.5.6 to 8.5.15.
- [Release notes](https://github.com/postcss/postcss/releases)
- [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md)
- [Commits](postcss/postcss@8.5.6...8.5.15)

---
updated-dependencies:
- dependency-name: postcss
  dependency-version: 8.5.15
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/postcss-8.5.15 branch from 073c611 to 65d05e4 Compare May 26, 2026 22:34
janechu pushed a commit that referenced this pull request May 27, 2026
@radium-v
chore: update dependencies in package.json (#7533)
e92f289 
# Pull Request

## 📖 Description

Removes unused root-level dependencies from the FAST monorepo and replaces `@types/express` with `@types/node`, which more accurately reflects the project's actual runtime environment.

**Removed:**
- `@types/express`
- `esm`
- `express`
- `glob`
- `yargs`

**Added:**
- `@types/node`

Also removes the `overrides` block, which was only needed to pin `glob` transitively through `sucrase` and `read-package-json`.

### 🎫 Issues

This PR supersedes #7528, #7529, and #7530.

## 📑 Test Plan

All existing tests pass. No functional code was changed as this is a dependency cleanup only.

## ✅ Checklist

### General

- [x] I have tested my changes.
- [x] I have read the [CONTRIBUTING](https://github.com/microsoft/fast/blob/main/CONTRIBUTING.md) documentation and followed the [standards](https://github.com/microsoft/fast/blob/main/CODE_OF_CONDUCT.md#our-standards) for this project.
@janechu
Copy link
Copy Markdown
Collaborator

janechu commented May 27, 2026

Resolved with #7533

@janechu janechu closed this May 27, 2026
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github May 27, 2026

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/postcss-8.5.15 branch May 27, 2026 17:41
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@chrisdholt chrisdholt Awaiting requested review from chrisdholt chrisdholt is a code owner

@janechu janechu Awaiting requested review from janechu janechu is a code owner

@radium-v radium-v Awaiting requested review from radium-v radium-v is a code owner

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@janechu