upgrade postcss #169
upgrade postcss #169
Conversation
|
cc @bholloway |
|
I read "changes to API" and thought the worst, thanks for showing this change is not too painful. 👍 Although I am not sure how to time this. V4 is overdue and it would be nice to ship something compatible with node 8 simply for all those poor souls stuck with old projects. That said I think keeping on top of postcss updates is a good thing so it would be a quick followup if delayed. |
|
Yeah, probably v4 can be released with just adjust loader upgrade and then v5 with new schema utils and postcss. |
|
Webpack 5 requires 10 as minimum and just looking at the v5 project it already has some related tasks
So I will add this to v5. |
|
Is there any workaround atm? |
|
@ZeProf2Code Why? Do you have problem with postcss 7? |
|
I want to upgrade to TailwindCSS 2 and I need PostCSS 8. |
|
AFAIK in this package postcss is used only internally. It should not affect upgrade on your side. |
Ref https://github.com/postcss/postcss/releases/tag/8.0.0 Looks like after all we have to drop node 8 support.
TrySound
force-pushed
the
upgrade-postcss
branch
from
4cba5a5 to
6f4d387
Compare
|
I'm having the same difficulty as @ZeProf2Code when attempting to upgrade PostCSS to version 8. Webpack gets a ton of compile errors pointing back to this package. It seems like PostCSS 7/8 don't coexist peacefully in this context. |
|
Which errors? Might be unrelated problem. |
|
Is there any update because more and more packages are requiring postcss 8 ? |
|
@bholloway when i force the version 4 and postcss 8 everything is working on my end
edit: without the postcss force you still get the error that postcss 8 is required for fontawesome so i guess it's still dependancy issue |
|
@dvdknaap I've been thinking more on this. I could probably put a semver comparitor inthat allows I'm not sure that it would drop support for node 8 per sec, since anyone on node 8 could still use Does that sound like it would work? I mean, the work done by @TrySound is awesome but AFAIK we should be able to use EDIT - This doesn't work as I would have hoped. The |
|
It could also be a peer dependencies ? so the project decide the version it uses and you try to ensure compatiblity with as many versions as you want on your side ? On our side we need to upgrade to postcss 8 because of security fix provided in last release (8.2.10) and this is the last dependency I have which rely on postcss 7 without ugprade option (except force resolution)
|
|
https://nvd.nist.gov/vuln/detail/CVE-2021-23368 resolve-url-loader is a package used by Angular (compiler only), hence flags as a security issue for us |
|
For some reason this is failing hard in E2E tests. As soon as I work out the issue I will merge the PR. If there is any additional work I will do that on the @TrySound et. al. FYI for |
| function eachDeclaration(declaration) { | ||
| const postcssPlugin = { | ||
| postcssPlugin: 'postcss-resolve-url', | ||
| Declaration: (declaration) => { |
There was a problem hiding this comment.
This code has been locking up E2E tests. The test eventually crashes Node with "out of memory" error.
Finally worked out from this migration guide that...
plugins will re-visit all changed or added nodes. You should check if your transformations were already applied and if that is the case—ignore those nodes.
So here the code needs to somehow keep track of visited declarations.
() => {
postcssPlugin: 'postcss-resolve-url',
prepare: () => {
const visited = new Set();
return {
Declaration: (declaration) => {
...
}
};
}
};
I will fix this and make some other tweaks post-merge.
Ref https://github.com/postcss/postcss/releases/tag/8.0.0
Looks like after all we have to drop node 8 support.