chore(deps): update dependency postcss to v8.4.39 [security] - autoclosed

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
postcss (source)	8.4.38 -> 8.4.39

GitHub Vulnerability Alerts

CVE-2023-44270

An issue was discovered in PostCSS before 8.4.31. It affects linters using PostCSS to parse external Cascading Style Sheets (CSS). There may be \r discrepancies, as demonstrated by @font-face{ font:(\r/*);} in a rule.

This vulnerability affects linters using PostCSS to parse external untrusted CSS. An attacker can prepare CSS in such a way that it will contains parts parsed by PostCSS as a CSS comment. After processing by PostCSS, it will be included in the PostCSS output in CSS nodes (rules, properties) despite being originally included in a comment.

---

Release Notes

postcss/postcss (postcss)

v8.4.39

Compare Source

• Fixed CssSyntaxError types (by @​romainmenke).

---

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[renovate]

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you click the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: package-lock.json

npm error code ERESOLVE
npm error ERESOLVE could not resolve
npm error
npm error While resolving: @vue/eslint-config-standard@8.0.1
npm error Found: eslint@7.32.0
npm error node_modules/eslint
npm error   peer eslint@"^7.5.0 || ^8.0.0" from @babel/eslint-parser@7.24.1
npm error   node_modules/@babel/eslint-parser
npm error     dev @babel/eslint-parser@"^7.11.0" from the root project
npm error   peer eslint@"^6.0.0 || ^7.0.0 || >=8.0.0" from @eslint-community/eslint-utils@4.4.0
npm error   node_modules/@eslint-community/eslint-utils
npm error     @eslint-community/eslint-utils@"^4.4.0" from eslint-plugin-vue@9.25.0
npm error     node_modules/eslint-plugin-vue
npm error       peer eslint-plugin-vue@"^9.2.0" from @vue/eslint-config-standard@8.0.1
npm error       node_modules/@vue/eslint-config-standard
npm error         dev @vue/eslint-config-standard@"^8.0.0" from the root project
npm error       1 more (the root project)
npm error   12 more (eslint-plugin-n, eslint-utils, eslint-plugin-es, ...)
npm error
npm error Could not resolve dependency:
npm error peer eslint@"^8.0.1" from @vue/eslint-config-standard@8.0.1
npm error node_modules/@vue/eslint-config-standard
npm error   dev @vue/eslint-config-standard@"^8.0.0" from the root project
npm error
npm error Conflicting peer dependency: eslint@8.57.1
npm error node_modules/eslint
npm error   peer eslint@"^8.0.1" from @vue/eslint-config-standard@8.0.1
npm error   node_modules/@vue/eslint-config-standard
npm error     dev @vue/eslint-config-standard@"^8.0.0" from the root project
npm error
npm error Fix the upstream dependency conflict, or retry
npm error this command with --force or --legacy-peer-deps
npm error to accept an incorrect (and potentially broken) dependency resolution.
npm error
npm error
npm error For a full report see:
npm error /tmp/renovate/cache/others/npm/_logs/2024-09-25T13_09_40_498Z-eresolve-report.txt
npm error A complete log of this run can be found in: /tmp/renovate/cache/others/npm/_logs/2024-09-25T13_09_40_498Z-debug-0.log