petri/logview: update postcss to 8.5.12 to fix CVE (#3393)

benhillis · Ben Hillis · Copilot · web-flow · commit 50a7a06ad94e · 2026-04-29T22:32:41.000Z
Fixes Dependabot alert #32 (PostCSS XSS via unescaped `</style>` in CSS stringify output). Updates the lockfile from postcss 8.5.8 → 8.5.12 (vulnerable range was < 8.5.10). The `package.json` already had `^8.5.6` so only the lockfile needed updating. --------- Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com> Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
diff --git a/petri/logview/package-lock.json b/petri/logview/package-lock.json
@@ -2161,9 +2161,9 @@
       }
     },
     "node_modules/postcss": {
-      "version": "8.5.8",
-      "resolved": "https://registry.npmjs.org/postcss/-/postcss-8.5.8.tgz",
-      "integrity": "sha512-OW/rX8O/jXnm82Ey1k44pObPtdblfiuWnrd8X7GJ7emImCOstunGbXUpp7HdBrFQX6rJzn3sPT397Wp5aCwCHg==",
+      "version": "8.5.12",
+      "resolved": "https://registry.npmjs.org/postcss/-/postcss-8.5.12.tgz",
+      "integrity": "sha512-W62t/Se6rA0Az3DfCL0AqJwXuKwBeYg6nOaIgzP+xZ7N5BFCI7DYi1qs6ygUYT6rvfi6t9k65UMLJC+PHZpDAA==",
       "dev": true,
       "funding": [
         {

Original file line number	Diff line number	Diff line change
`@@ -2161,9 +2161,9 @@`
`2161`	`2161`	`}`
`2162`	`2162`	`},`
`2163`	`2163`	`"node_modules/postcss": {`
`2164`		`- "version": "8.5.8",`
`2165`		`- "resolved": "https://registry.npmjs.org/postcss/-/postcss-8.5.8.tgz",`
`2166`		`- "integrity": "sha512-OW/rX8O/jXnm82Ey1k44pObPtdblfiuWnrd8X7GJ7emImCOstunGbXUpp7HdBrFQX6rJzn3sPT397Wp5aCwCHg==",`
	`2164`	`+ "version": "8.5.12",`
	`2165`	`+ "resolved": "https://registry.npmjs.org/postcss/-/postcss-8.5.12.tgz",`
	`2166`	`+ "integrity": "sha512-W62t/Se6rA0Az3DfCL0AqJwXuKwBeYg6nOaIgzP+xZ7N5BFCI7DYi1qs6ygUYT6rvfi6t9k65UMLJC+PHZpDAA==",`
`2167`	`2167`	`"dev": true,`
`2168`	`2168`	`"funding": [`
`2169`	`2169`	`{`