[Snyk] Fix for 1 vulnerabilities

[sb-benohe]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	768/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.5	Uncaught Exception SNYK-JS-YAML-5458867	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: postcss-loader

The new version differs by 61 commits.

• b5c55fb chore(release): 7.1.0
• 8114be4 feat(deps): update `cosmiconfig` (#628)
• 054ee90 docs: fix default value of config (#626) (#627)
• f6e1cde chore(deps-dev): bump webpack from 5.75.0 to 5.76.0 (#625)
• d7070b2 chore: update dependencies to the latest version (#624)
• 5128bee ci: use LTS node version in lint job (#622)
• e1e5195 chore: update dependencies to the latest version (#621)
• e6b2282 ci: use concurrency in github workflows (#620)
• fa8ebf6 chore: update ignorePaths in .cspell.json (#619)
• 5999338 chore(deps): bump json5 from 1.0.1 to 1.0.2 (#618)
• bef937b chore: update dependency review action (#617)
• 2e7f227 chore: update dependencies to the latest version (#616)
• c3f6c57 chore: update dependencies to the latest version (#615)
• 2129116 chore(release): 7.0.2
• 955085f fix: support ESM version of `postcss.config.js` and `postcss.config.mjs` (#614)
• b0f4749 chore: update styfle/cancel-workflow-action (#612)
• ab3ff44 chore: add cSpell to check spelling issues (#610)
• 3177135 chore: update dependencies to the latest version (#609)
• 08b19c7 docs: update cla link (#608)
• 49a0943 ci: add node v19 (#607)
• d274f90 ci: add dependency review action (#606)
• 64af37b chore: update dependencies to the latest version (#605)
• 548e8aa chore: update commitlint action (#604)
• 42a085f chore: run cancel workflow on pull request (#603)

See the full diff

Package name: tailwindcss

The new version differs by 250 commits.

• bd03dec 3.1.5
• 13c2ad0 update changelog
• 1110d92 Update changelog
• 62f0791 Add more explicit types for the default theme (#8780)
• 6e75e6e Update esbuild to version 0.14.48
• 5d04331 Update eslint-plugin-prettier to version 4.2.1
• 10e1b39 Update jest to version 28.1.2
• 6729524 Support font-weight in font-size utilities (#8763)
• 1318cb6 Update changelog
• 1029775 Add support for alpha values in safelist (#8774)
• f135bfa chore: Set permissions for GitHub actions (#8550)
• 8494f75 Don’t prefix selectors in arbitrary variants (#8773)
• 5191ec1 Fix usage of special-character prefixes (#8772)
• c8c4852 Update changelog
• 445970d Fix usage of postcss.config.js in standalone CLI (#8769)
• d4f1f15 Allows fallback values in plugin API helpers (#8762)
• c47e666 Update postcss-load-config to version 4.0.1 (#8686)
• 7b03ee9 Update cssnano to version 5.1.12
• 60a0ae2 Update resolve to version 1.22.1
• 340cca9 Update eslint to version 8.18.0
• 1a30ca0 3.1.4
• 9f479f2 update changelog
• 9c9ce36 Update prettier to version 2.7.1
• 35b070e Fix typo in changelog

See the full diff

Package name: twin.macro

The new version differs by 241 commits.

• 7a309e1 3.0.0
• ac9401b Lint fixes
• 9211179 Package updates
• 659d78b Make shortcss notice show original className
• 83bfc38 Tweak sassyPseudo check
• 3031a63 Fix parent selector on last variant
• 85a0620 Improve auto parent selector on last variant
• fce60bb Merge pull request #749 from ajmnz/theme-default-fix
• 9b08c07 Add support for container queries
• 11ee3a3 allow omitting DEFAULT when using theme
• d55deb9 Add className suggestions for new nested group/peer classes
• aa7f7b0 Update tailwindcss + daisyui deps + add tests
• 2776bca Adjust variant ordering
• f2d5f9f Further improve the auto parent selector
• 404ed35 Add tests for extra dividers
• 090b54e Add extra class divider validation
• b8510db Strip tab escape characters
• 29d55f8 Improve auto variant parent selector
• a40f87d Cover !bg-clip-text
• 946bd52 Add webkit prefix for background-clip: text
• 091b5ff Show suggestion for not-prose when used as class
• 80211db 3.0.0-rc.5
• 83ab7a2 Merge pull request #743 from ben-rogerson/feature/test-upgrades
• a364268 Add jest tests for arbitrary items, config, animation

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.