Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Snyk] Upgrade tailwindcss from 3.3.2 to 3.4.3 #31

Merged
merged 1 commit into from
May 20, 2024

Conversation

JMARRUJO91
Copy link
Owner

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade tailwindcss from 3.3.2 to 3.4.3.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.


  • The recommended version is 9 versions ahead of your current version.

  • The recommended version was released 2 months ago, on 2024-03-27.

The recommended version fixes:

Severity Issue PriorityScore (*) Exploit Maturity
Missing Release of Resource after Effective Lifetime
SNYK-JS-INFLIGHT-6095116
417/1000
Why? Proof of Concept exploit, CVSS 6.2
Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: tailwindcss
  • 3.4.3 - 2024-03-27

    Fixed

    • Revert changes to glob handling (#13384)
  • 3.4.2 - 2024-03-27

    Fixed

    • Ensure max specificity of 0,0,1 for button and input Preflight rules (#12735)
    • Improve glob handling for folders with (, ), [ or ] in the file path (#12715)
    • Split :has rules when using experimental.optimizeUniversalDefaults (#12736)
    • Sort arbitrary properties alphabetically across multiple class lists (#12911)
    • Add mix-blend-plus-darker utility (#12923)
    • Ensure dashes are allowed in variant modifiers (#13303)
    • Fix crash showing completions in Intellisense when using a custom separator (#13306)
    • Transpile import.meta.url in config files (#13322)
    • Reset letter spacing for form elements (#13150)
    • Fix missing xx-large and remove double x-large absolute size (#13324)
    • Don't error when encountering nested CSS unless trying to @ apply a class that uses nesting (#13325)
    • Ensure that arbitrary properties respect important configuration (#13353)
    • Change dark mode selector so @ apply works correctly with pseudo elements (#13379)
  • 3.4.1 - 2024-01-05

    Fixed

    • Don't remove keyframe stops when using important utilities (#12639)
    • Don't add spaces to gradients and grid track names when followed by calc() (#12704)
    • Restore old behavior for class dark mode strategy (#12717)

    Added

    • Add new selector and variant strategies for dark mode (#12717)

    Changed

    • Support rtl and ltr variants on same element as dir attribute (#12717)
  • 3.4.0 - 2023-12-19

    Tailwind CSS

    Tailwind CSS v3.4 has arrived! Check out the announcement post for a guided tour through all of the highlights.

    Added

    • Add svh, lvh, and dvh values to default height/min-height/max-height theme (#11317)
    • Add has-* variants for :has(...) pseudo-class (#11318)
    • Add text-wrap utilities including text-balance and text-pretty (#11320, #12031)
    • Extend default opacity scale to include all steps of 5 (#11832)
    • Update Preflight html styles to include shadow DOM :host pseudo-class (#11200)
    • Increase default values for grid-rows-* utilities from 1–6 to 1–12 (#12180)
    • Add size-* utilities (#12287)
    • Add utilities for CSS subgrid (#12298)
    • Add spacing scale to min-w-*, min-h-*, and max-w-* utilities (#12300)
    • Add forced-color-adjust utilities (#11931)
    • Add forced-colors variant (#11694, #12582)
    • Add appearance-auto utility (#12404)
    • Add logical property values for float and clear utilities (#12480)
    • Add * variant for targeting direct children (#12551)

    Changed

    • Simplify the sans font-family stack (#11748)
    • Disable the tap highlight overlay on iOS (#12299)
    • Improve relative precedence of rtl, ltr, forced-colors, and dark variants (#12584)
  • 3.3.7 - 2023-12-18

    Fixed

    • Fix support for container query utilities with arbitrary values (#12534)
    • Fix custom config loading in Standalone CLI (#12616)
  • 3.3.6 - 2023-12-04

    Fixed

    • Don’t add spaces to negative numbers following a comma (#12324)
    • Don't emit @ config in CSS when watching via the CLI (#12327)
    • Improve types for resolveConfig (#12272)
    • Ensure configured font-feature-settings for mono are included in Preflight (#12342)
    • Improve candidate detection in minified JS arrays (without spaces) (#12396)
    • Don't crash when given applying a variant to a negated version of a simple utility (#12514)
    • Fix support for slashes in arbitrary modifiers (#12515)
    • Fix source maps of variant utilities that come from an @ layer rule (#12508)
    • Fix loading of built-in plugins when using an ESM or TypeScript config with the Standalone CLI (#12506)
  • 3.3.5 - 2023-10-25

    Fixed

    • Fix incorrect spaces around - in calc() expression (#12283)
  • 3.3.4 - 2023-10-24

    Fixed

    • Improve normalisation of calc()-like functions (#11686)
    • Skip calc() normalisation in nested theme() calls (#11705)
    • Fix incorrectly generated CSS when using square brackets inside arbitrary properties (#11709)
    • Make content optional for presets in TypeScript types (#11730)
    • Handle variable colors that have variable fallback values (#12049)
    • Batch reading content files to prevent too many open files error (#12079)
    • Skip over classes inside :not(…) when nested in an at-rule (#12105)
    • Update types to work with Node16 module resolution (#12097)
    • Don’t crash when important and parent selectors are equal in @ apply (#12112)
    • Eliminate irrelevant rules when applying variants (#12113)
    • Improve RegEx parser, reduce possibilities as the key for arbitrary properties (#12121)
    • Fix sorting of utilities that share multiple candidates (#12173)
    • Ensure variants with arbitrary values and a modifier are correctly matched in the RegEx based parser (#12179)
    • Fix crash when watching renamed files on FreeBSD (#12193)
    • Allow plugins from a parent document to be used in an iframe (#12208)
    • Add types for tailwindcss/nesting (#12269)
    • Bump jiti, fast-glob, and browserlist dependencies (#11550)
    • Improve automatic var injection for properties that accept a <dashed-ident> (#12236)
  • 3.3.3 - 2023-07-13

    Fixed

    • Fix issue where some pseudo-element variants generated the wrong selector (#10943, #10962, #11111)
    • Make font settings propagate into buttons, inputs, etc. (#10940)
    • Fix parsing of theme() inside calc() when there are no spaces around operators (#11157)
    • Ensure repeating-conic-gradient is detected as an image (#11180)
    • Move unknown pseudo-elements outside of :is by default (#11345)
    • Escape animation names when prefixes contain special characters (#11470)
    • Don't prefix arbitrary classes in group and peer variants (#11454)
    • Sort classes using position of first matching rule (#11504)
    • Allow variant to be an at-rule without a prelude (#11589)
    • Make PostCSS plugin async to improve performance (#11548)
    • Don’t error when a config file is missing (f97759f)

    Added

    • Add aria-busy utility (#10966)

    Changed

    • Reset padding for <dialog> elements in preflight (#11069)
  • 3.3.2 - 2023-04-25

    Fixed

    • Don’t move unknown pseudo-elements to the end of selectors (#10943, #10962)
    • Inherit gradient stop positions when using variants (#11002)
    • Honor default to position of gradient when using implicit transparent colors (#11002)
    • Ensure @ tailwindcss/oxide doesn't leak in the stable engine (#10988)
    • Ensure multiple theme(spacing[5]) calls with bracket notation in arbitrary properties work (#11039)
    • Normalize arbitrary modifiers (#11057)

    Changed

    • Drop support for Node.js v12 (#11089)
from tailwindcss GitHub release notes
Commit messages
Package name: tailwindcss
  • f1f419a 3.4.3
  • e6c1082 Revert changes to glob handling (#13384)
  • 8430d8b 3.4.2
  • 8b4a2a6 Change dark selector so `@ apply` works correctly with pseudo elements (#13379)
  • 97607f1 Ensure that arbitrary properties respect `important` configuration (#13353)
  • c033f10 Update CHANGELOG.md
  • bda8421 Only detect nesting when using `@ apply` (#13325)
  • 3ba51d1 Remove leading space in `box-shadow`'s `addDefaults` call (#13334)
  • a53d854 Fix missing `xx-large` and remove double `x-large` absolute size (#13324)
  • ea90d3a Reset letter spacing for form elements (#13150)
  • b10b431 Transpile `import.meta.url` in config files (#13322)
  • 44b3b42 Cleanup oxide — Part Bump sharp from 0.32.1 to 0.32.6 in /website #2 (#13312)
  • c28c718 Update esbuild to version 0.20.2 (#13315)
  • 27e4b65 Fix crash showing completions in Intellisense when using a custom separator (#13306)
  • 9b90c53 Cleanup oxide — Part Add files via upload #1 (#13304)
  • d56d241 Ensure dashes are allowed in variant modifiers (#13303)
  • 41e94eb Add missing `workflow_dispatch` (#13302)
  • 3eb8cab 🚨 [security] Update vite 4.3.2 → 5.1.6 (major) (#13287)
  • 3a466bc Update rollup to version 4.13.0 (#13279)
  • 41c90f6 Update sass to version 1.72.0 (#13296)
  • f5408d6 Fix failing integration tests in CI (#13300)
  • d86fd0b CI: Add provenance to all published packages (#13097)
  • de00a62 Update contributing
  • 4429ab8 Update CHANGELOG.md 3.4.1 release date (#13024)

Compare


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Note: This is a default PR template raised by Snyk. Find out more about how you can customise Snyk PRs in our documentation.

Snyk has created this PR to upgrade tailwindcss from 3.3.2 to 3.4.3.

See this package in npm:
tailwindcss

See this project in Snyk:
https://app.snyk.io/org/jmarrujo91/project/68b4936a-b59a-42f2-9fd3-6a8d54020f9a?utm_source=github&utm_medium=referral&page=upgrade-pr
Copy link

sonarcloud bot commented May 20, 2024

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
0.0% Duplication on New Code

See analysis details on SonarCloud

@JMARRUJO91 JMARRUJO91 merged commit 2737a8d into master May 20, 2024
5 checks passed
@JMARRUJO91 JMARRUJO91 deleted the snyk-upgrade-53e2ebb6e7466ad5cfba3be7ca0b1742 branch May 20, 2024 18:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants