Skip to content

build(deps): bump postcss and vue-loader #54698

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
susnux merged 1 commit into from
Sep 20, 2025
Merged

build(deps): bump postcss and vue-loader #54698

susnux merged 1 commit into from
Sep 20, 2025

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Aug 28, 2025

Bumps postcss to 8.5.6 and updates ancestor dependency vue-loader. These dependencies need to be updated together.

Updates postcss from 7.0.39 to 8.5.6

Release notes

Sourced from postcss's releases.

8.5.6

  • Fixed ContainerWithChildren type discriminating (by @​Goodwine).

8.5.5

  • Fixed package.jsonexports compatibility with some tools (by @​JounQin).

8.5.4

8.5.3

8.5.2

8.5.1

8.5 “Duke Alloces”

PostCSS 8.5 brought API to work better with non-CSS sources like HTML, Vue.js/Svelte sources or CSS-in-JS.

@​romainmenke during his work on Stylelint added Input#document in additional to Input#css.

root.source.input.document //=> "<p>Hello</p>
                           //    <style>
                           //    p {
                           //      color: green;
                           //    }
                           //    </style>"
root.source.input.css      //=> "p {
                           //      color: green;
                           //    }"

Thanks to Sponsors

This release was possible thanks to our community.

If your company wants to support the sustainability of front-end infrastructure or wants to give some love to PostCSS, you can join our supporters by:

... (truncated)

Changelog

Sourced from postcss's changelog.

8.5.6

  • Fixed ContainerWithChildren type discriminating (by @​Goodwine).

8.5.5

  • Fixed package.jsonexports compatibility with some tools (by @​JounQin).

8.5.4

8.5.3

8.5.2

8.5.1

8.5 “Duke Alloces”

  • Added Input#document for sources like CSS-in-JS or HTML (by @​romainmenke).

8.4.49

8.4.48

  • Fixed position calculation in error/warnings methods (by @​romainmenke).

8.4.47

  • Removed debug code.

8.4.46

  • Fixed Cannot read properties of undefined (reading 'before').

8.4.45

  • Removed unnecessary fix which could lead to infinite loop.

8.4.44

  • Another way to fix markClean is not a function error.

8.4.43

  • Fixed markClean is not a function error.

8.4.42

  • Fixed CSS syntax error on long minified files (by @​varpstar).

8.4.41

... (truncated)

Commits

Updates vue-loader from 15.11.1 to 17.4.2

Release notes

Sourced from vue-loader's releases.

v17.3.1

Bug Fixes

  • do not skip style post loader for v-bind() in non-scoped CSS (d7071bb), closes #2061

v17.3.0

Bug Fixes

Features

  • skip normal css files without scoped flag in stylePostLoader (#2053) (98782e7)

v17.2.2

Bug Fixes

v17.2.1

Features

  • A new experimentalInlineMatchResource option (webpack 5 only), which leverages webpack 5's inline matchResource feature in the underlying implementation, and works well with the experiments.css feature This also makes vue-loader compatible with Rspack (#2046) (3149f6d).

Note: v17.2.0 was released by accident; it has the same content as v17.1.2, therefore not included in the Releases page.

v17.1.2

Bug Fixes

  • keep build stable when run in a different path (#2040) (a81dc0f)
  • properly close the watcher after webpack 4 tests (40b93b9)

v17.1.1

Bug Fixes

  • support experimental propsDestructure and defineModel options (6269698)

v17.1.0

Bug Fixes

Features

  • support 3.3 imported types hmr (bbd98fc)

Full Changelog: vuejs/vue-loader@v17.0.1...v17.1.0

... (truncated)

Changelog

Sourced from vue-loader's changelog.

17.4.2 (2023-12-30)

Bug Fixes

  • pass compilerOptions to sfc parse & re-enable AST reuse (d2a2e05)

17.4.1 (2023-12-30)

Bug Fixes

  • (temporarily) disable template ast reuse (31b03af)

17.4.0 (2023-12-25)

Features

  • leverage ast reuse in 3.4 (479835f)

17.3.1 (2023-10-31)

Bug Fixes

  • do not skip style post loader for v-bind() in CSS (d7071bb), closes #2061

17.3.0 (2023-10-07)

Bug Fixes

Features

  • skip normal css files without scoped flag in stylePostLoader (#2053) (98782e7)

17.2.2 (2023-06-02)

... (truncated)

Commits

Most Recent Ignore Conditions Applied to This Pull Request
Dependency Name Ignore Conditions
vue-loader [>= 17.a, < 18]
vue-loader [>= 16.a, < 17]

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot dependabot bot requested review from a team as code owners August 28, 2025 10:15
@dependabot dependabot bot requested review from nfebe, susnux and szaimen and removed request for a team August 28, 2025 10:15
@susnux
Copy link
Contributor

susnux commented Aug 28, 2025

vue loader v17+ is Vue 3 only!

@susnux
chore(deps): update sass and postcss
ed0431f 
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
@susnux susnux force-pushed the dependabot/npm_and_yarn/multi-46c778355a branch from b03ab1f to ed0431f Compare September 20, 2025 21:02
@susnux susnux merged commit bd16db6 into master Sep 20, 2025
138 of 141 checks passed
@susnux susnux deleted the dependabot/npm_and_yarn/multi-46c778355a branch September 20, 2025 21:42
@nextcloud-bot nextcloud-bot mentioned this pull request Jan 6, 2026
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@susnux susnux susnux approved these changes

@github-actions github-actions[bot] github-actions[bot] approved these changes

@nfebe nfebe Awaiting requested review from nfebe nfebe is a code owner automatically assigned from nextcloud/server-frontend

@szaimen szaimen Awaiting requested review from szaimen szaimen is a code owner automatically assigned from nextcloud/server-frontend

Assignees

No one assigned

Labels

3. to review Waiting for reviews feature: dependencies

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@susnux