Bump postcss, autoprefixer, css-loader, cssnano, postcss-inline-svg and postcss-loader

[dependabot]

Bumps postcss to 8.5.6 and updates ancestor dependencies postcss, autoprefixer, css-loader, cssnano, postcss-inline-svg and postcss-loader. These dependencies need to be updated together.

Updates postcss from 7.0.39 to 8.5.6

Release notes

Sourced from postcss's releases.

8.5.6

• Fixed ContainerWithChildren type discriminating (by @​Goodwine).

8.5.5

• Fixed package.json→exports compatibility with some tools (by @​JounQin).

8.5.4

• Fixed Parcel compatibility issue (by @​git-sumitchaudhary).

8.5.3

• Added more details to Unknown word error (by @​hiepxanh).
• Fixed types (by @​romainmenke).
• Fixed docs (by @​catnipan).

8.5.2

• Fixed end position of rules with semicolon (by @​romainmenke).

8.5.1

• Fixed backwards compatibility for complex cases (by @​romainmenke).

8.5 “Duke Alloces”

PostCSS 8.5 brought API to work better with non-CSS sources like HTML, Vue.js/Svelte sources or CSS-in-JS.

@​romainmenke during his work on Stylelint added Input#document in additional to Input#css.

root.source.input.document //=> "<p>Hello</p>
                           //    <style>
                           //    p {
                           //      color: green;
                           //    }
                           //    </style>"
root.source.input.css      //=> "p {
                           //      color: green;
                           //    }"

Thanks to Sponsors

This release was possible thanks to our community.

If your company wants to support the sustainability of front-end infrastructure or wants to give some love to PostCSS, you can join our supporters by:

• Tidelift with a Spotify-like subscription model supporting all projects from your lock file.
• Direct donations at GitHub Sponsors or Open Collective.

... (truncated)

Changelog

Sourced from postcss's changelog.

8.5.6

• Fixed ContainerWithChildren type discriminating (by @​Goodwine).

8.5.5

• Fixed package.json→exports compatibility with some tools (by @​JounQin).

8.5.4

• Fixed Parcel compatibility issue (by @​git-sumitchaudhary).

8.5.3

• Added more details to Unknown word error (by @​hiepxanh).
• Fixed types (by @​romainmenke).
• Fixed docs (by @​catnipan).

8.5.2

• Fixed end position of rules with semicolon (by @​romainmenke).

8.5.1

• Fixed backwards compatibility for complex cases (by @​romainmenke).

8.5 “Duke Alloces”

• Added Input#document for sources like CSS-in-JS or HTML (by @​romainmenke).

8.4.49

• Fixed custom syntax without source.offset (by @​romainmenke).

8.4.48

• Fixed position calculation in error/warnings methods (by @​romainmenke).

8.4.47

• Removed debug code.

8.4.46

• Fixed Cannot read properties of undefined (reading 'before').

8.4.45

• Removed unnecessary fix which could lead to infinite loop.

8.4.44

• Another way to fix markClean is not a function error.

8.4.43

• Fixed markClean is not a function error.

8.4.42

• Fixed CSS syntax error on long minified files (by @​varpstar).

8.4.41

• Fixed types (by @​nex3 and @​querkmachine).
• Cleaned up RegExps (by @​bluwy).

... (truncated)

Commits

• 91d6eb5 Release 8.5.6 version
• 65ffc55 Update dependencies
• ecd20eb Fix ContainerWithChildren to allow discriminating the node type by comparing ...
• c181597 Release 8.5.5 version
• c5523fb Update dependencies
• 2e3450c refactor: import should be listed before require (#2052)
• 4d720bd Update EM text
• 6cb4a66 Release 8.5.4 version
• ec5c1e0 Update dependencies
• e85e938 Fix code format
• Additional commits viewable in compare view

Updates autoprefixer from 9.8.8 to 10.4.23

Release notes

Sourced from autoprefixer's releases.

10.4.23

• Reduced dependencies (by @​hyperz111).

10.4.22

• Fixed stretch prefixes on new Can I Use database.
• Updated fraction.js.

10.4.21

• Fixed old -moz- prefix for :placeholder-shown (by @​Marukome0743).

10.4.20

• Fixed fit-content prefix for Firefox.

10.4.19

• Removed end value has mixed support, consider using flex-end warning since end/start now have good support.

10.4.18

• Fixed removing -webkit-box-orient on -webkit-line-clamp (@​Goodwine).

10.4.17

• Fixed user-select: contain prefixes.

10.4.16

• Improved performance (by @​romainmenke).
• Fixed docs (by @​coliff).

10.4.15

• Fixed ::backdrop prefixes (by @​yisibl).
• Fixed docs (by @​coliff).

10.4.14

• Improved startup time and reduced JS bundle size (by @​Knagis).

10.4.13

• Fixed missed prefixes on vendor prefixes in name of CSS Custom Property.

10.4.12

• Fixed support of unit-less zero angle in backgrounds (by @​yisibl).

10.4.11

• Fixed text-decoration prefixes by moving to MDN data (by @​romainmenke).

10.4.10

• Fixed unicode-bidi prefixes by moving to MDN data.

10.4.9

• Fixed css-unicode-bidi issue from latest Can I Use.

10.4.8

• Do not print color-adjust warning if print-color-adjust also is in rule.

... (truncated)

Changelog

Sourced from autoprefixer's changelog.

10.4.23

• Reduced dependencies (by @​hyperz111).

10.4.22

• Fixed stretch prefixes on new Can I Use database.
• Updated fraction.js.

10.4.21

• Fixed old -moz- prefix for :placeholder-shown (by @​Marukome0743).

10.4.20

• Fixed fit-content prefix for Firefox.

10.4.19

• Removed end value has mixed support, consider using flex-end warning since end/start now have good support.

10.4.18

• Fixed removing -webkit-box-orient on -webkit-line-clamp (@​Goodwine).

10.4.17

• Fixed user-select: contain prefixes.

10.4.16

• Improved performance (by Romain Menke).
• Fixed docs (by Christian Oliff).

10.4.15

• Fixed ::backdrop prefixes (by 一丝).
• Fixed docs (by Christian Oliff).

10.4.14

• Improved startup time and reduced JS bundle size (by Kārlis Gaņģis).

10.4.13

• Fixed missed prefixes on vendor prefixes in name of CSS Custom Property.

10.4.12

• Fixed support of unit-less zero angle in backgrounds (by 一丝).

10.4.11

• Fixed text-decoration prefixes by moving to MDN data (by Romain Menke).

10.4.10

• Fixed unicode-bidi prefixes by moving to MDN data.

10.4.9

• Fixed css-unicode-bidi issue from latest Can I Use.

10.4.8

... (truncated)

Commits

• 212ba3c Release 10.4.23 version
• 7f62fb6 Update dependencies
• c455bb1 chore: inline and simplify normalize-range (#1539)
• 73dc62c Release 10.4.22 version
• 9973c59 Lock CI action versions
• 4b4feca Fix Node.js 10 on CI
• 15c21d3 Fix old Node.js CI
• 27523c1 Update fraction.js
• 88a0d3e Update dependencies and fix stretch and update example
• 541295c Release 10.4.21 version
• Additional commits viewable in compare view

Updates css-loader from 4.3.0 to 7.1.2

Release notes

Sourced from css-loader's releases.

v7.1.2

7.1.2 (2024-05-22)

Bug Fixes

• keep order of @imports with the webpackIgnore comment (#1600) (76757ef)

v7.1.1

7.1.1 (2024-04-10)

Bug Fixes

• automatically rename class default to _default when named export is enabled (#1590) (d6c31a1)

v7.1.0

7.1.0 (2024-04-08)

Features

• added the getJSON option to output CSS modules mapping (#1577) (af834b4)

v7.0.0

7.0.0 (2024-04-04)

⚠ BREAKING CHANGES

• The modules.namedExport option is true by default if you enable the esModule option

Migration guide:

Before:

import style from "./style.css";
console.log(style.myClass);

After:

import * as style from "./style.css";
console.log(style.myClass);

... (truncated)

Changelog

Sourced from css-loader's changelog.

7.1.2 (2024-05-22)

Bug Fixes

• keep order of @imports with the webpackIgnore comment (#1600) (76757ef)

7.1.1 (2024-04-10)

Bug Fixes

• automatically rename class default to _default when named export is enabled (#1590) (d6c31a1)

7.1.0 (2024-04-08)

Features

• added the getJSON option to output CSS modules mapping (#1577) (af834b4)

7.0.0 (2024-04-04)

⚠ BREAKING CHANGES

• The modules.namedExport option is true by default if you enable the esModule option

Migration guide:

Before:

import style from "./style.css";
console.log(style.myClass);

After:

import * as style from "./style.css";
console.log(style.myClass);

To restore 6.x behavior, please use:

module.exports = {
</tr></table> 

... (truncated)

Commits

• d5ba44a chore(release): 7.1.2
• 76757ef fix: keep order of @imports with the webpackIgnore comment (#1600)
• 4b41689 ci: use node v22 (#1596)
• 2068222 chore: update dependencies to latest version (#1595)
• e006f66 refactor: use environment to get templateLiteral value (#1591)
• 5c717c9 chore(release): 7.1.1
• d6c31a1 fix: automatically rename class default to _default when named export is ...
• b162e25 chore(release): 7.1.0
• 15f793d docs: update logic (#1587)
• 9c165a4 docs: update migration guide (#1586)
• Additional commits viewable in compare view

Updates cssnano from 4.1.11 to 7.1.2

Release notes

Sourced from cssnano's releases.

v7.1.2

What's Changed

• fix: enhanced recognition of css comments by @​Nirvana-Jie in cssnano/cssnano#1730
• chore: use npm trusted publishing by @​ludofischer in cssnano/cssnano#1731
• fix: update browserslist by @​ludofischer in cssnano/cssnano#1733

Full Changelog: https://github.com/cssnano/cssnano/compare/cssnano@7.1.1...cssnano@7.1.2

v71.1.1

Bug Fixes

• fix(convert-values): exclude linear() from stripping % from value 0 by @​cernymatej in cssnano/cssnano#1720

Full Changelog: https://github.com/cssnano/cssnano/compare/cssnano@7.1.0...cssnano@7.1.1

cssnano@7.1.0

Changes

• Update to SVGO 4.0
• Update browserslist

cssnano@7.0.7

What's Changed

• fix: update browserslist by @​ludofischer in cssnano/cssnano#1675
• fix: update postcss peer dependency to version without vulnerabilities by @​ludofischer in cssnano/cssnano#1676
• fix: update TypeScript declarations by @​ludofischer in cssnano/cssnano#1685
• perf: load default preset in startup by @​43081j in cssnano/cssnano#1691
• Add support for selector order preservation to postcss-minify-selectors by @​ezzak in cssnano/cssnano#1688
• fix(postcss-convert-values): preserve percent sign in percentage values in at-rules with double quotes by @​aramikuto in cssnano/cssnano#1695

Full Changelog: https://github.com/cssnano/cssnano/compare/cssnano@7.0.6...cssnano@7.0.7

v7.0.6

What's Changed

• Update postcss-calc and selector-parser by @​ludofischer in cssnano/cssnano#1663
• fix(postcss-convert-values): convert 0ms to 0s by @​btea in cssnano/cssnano#1665

Full Changelog: https://github.com/cssnano/cssnano/compare/cssnano@7.0.5...cssnano@7.0.6

v7.0.5

Bug Fixes

• Fix layer rule deduping cssnano/cssnano#1656

v7.0.4

... (truncated)

Commits

• c847b6b Publish cssnano 7.1.2
• 72dd9c9 fix: update browserslist
• 19849ba chore: update dev dependencies
• ad02c7c chore: use npm trusted publishing
• f31273c fix: enhanced recognition of css comments (#1730)
• bd3b251 chore: update GitHub actions
• bba3b5f chore: update development deps
• 53c4033 test: switch to built-in Node.js test coverage
• ff17fd3 chore: update development dependencies
• c9e493c chore: update pnpm
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for cssnano since your current version.

Updates postcss-inline-svg from 4.1.0 to 6.0.0

Changelog

Sourced from postcss-inline-svg's changelog.

6.0.0

• Dropped Node.js 10 and 12 support.
• Fixed security vulnerabilities in dependencies.

5.0.0

• Migrated to PostCSS 8.
• Dropped Node.js 8 support.

Commits

• bfced35 v6.0.0
• 39b92f6 Update CHANGELOG.md
• 38f9a73 Update dependencies. Drop Node.js 10 and 12 support (#103)
• d90507d Use GitHub Actions badge in readme (#89)
• 06c0b2a v5.0.0
• 1e71aa3 Update changelog
• ac20da0 Migrate to PostCSS 8 (#77)
• 0efcf35 Migrate from Travis to Github Actions (#79)
• ac15e95 Update dependencies (#78)
• 7e7b386 Bump mixin-deep from 1.3.1 to 1.3.2 (#63)
• See full diff in compare view

Updates postcss-loader from 3.0.0 to 8.2.0

Release notes

Sourced from postcss-loader's releases.

v8.2.0

8.2.0 (2025-09-01)

Features

• update jiti from v1 to v2 (9c74974)

v8.1.1

8.1.1 (2024-02-28)

Bug Fixes

• respect default when loading postcss esm configs (52d8050)

v8.1.0

8.1.0 (2024-01-30)

Features

• add @rspack/core as an optional peer dependency (#679) (512e4c3)

v8.0.0

8.0.0 (2024-01-16)

⚠ BREAKING CHANGES

• minimum supported Node.js version is 18.12.0 (#677) (8dd0315)

v7.3.4

7.3.4 (2023-12-27)

Bug Fixes

• do not crash if pkg.(d|devD)ependencies unset (#667) (8ef0c7e)

v7.3.3

7.3.3 (2023-06-10)

Bug Fixes

• perf: avoid using klona for postcss options (#658) (e754c3f)
• bug with loading configurations after updating cosmiconfig to version 8.2 (684d265)

v7.3.2

... (truncated)

Changelog

Sourced from postcss-loader's changelog.

8.2.0 (2025-09-01)

Features

• update jiti from v1 to v2 (9c74974)

8.1.1 (2024-02-28)

Bug Fixes

• respect default when loading postcss esm configs (52d8050)

8.1.0 (2024-01-30)

Features

• add @rspack/core as an optional peer dependency (#679) (512e4c3)

8.0.0 (2024-01-16)

⚠ BREAKING CHANGES

• minimum supported Node.js version is 18.12.0 (#677) (8dd0315)

7.3.4 (2023-12-27)

Bug Fixes

• do not crash if pkg.(d|devD)ependencies unset (#667) (8ef0c7e)

7.3.3 (2023-06-10)

Bug Fixes

• perf: avoid using klona for postcss options (#658) (e754c3f)
• bug with loading configurations after updating cosmiconfig to version 8.2 (684d265)

7.3.2 (2023-05-28)

Bug Fixes

• use cause to keep original errors and warnings (#655) (e8873f4)

... (truncated)

Commits

• 522a07d chore(release): 8.2.0
• 9c74974 feat: update jiti from v1 to v2
• 5a781e5 chore: update github actions/checkout from v4 to v5 (#709)
• b29fde3 chore: upgrade eslint from v8 to v9 (#707)
• cff095a chore: update jest from v29 to v30 (#705)
• 6f470db docs: improving typos in ISSUE_TEMPLATE files (#704)
• 36749e8 docs: fix typos and improve clarity in README.md (#703)
• 26de829 docs: fix typos and improve clarity in contribution guidelines (#702)
• 61e1452 ci: add node v24 (#701)
• 3bafede chore: update codecov-action from v4 to v5 (#698)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by evilebottnawi, a new releaser for postcss-loader since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.