Skip to content

Bump tough-cookie, gulp-sass, gulp-svg-sprite and postcss-import #34

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
dependabot wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Bump tough-cookie, gulp-sass, gulp-svg-sprite and postcss-import #34

dependabot wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jul 8, 2023

Removes tough-cookie. It's no longer used after updating ancestor dependencies tough-cookie, gulp-sass, gulp-svg-sprite and postcss-import. These dependencies need to be updated together.

Removes tough-cookie

Updates gulp-sass from 3.2.1 to 5.1.0

Release notes

Sourced from gulp-sass's releases.

v5.1.0

Huge shout out to @​XhmikosR for putting a ton of effort into this release 🎉

What's Changed

New Contributors

Full Changelog: dlmanning/gulp-sass@v5.0.0...v5.1.0

v5.0.0

First and foremost a huge shout out to @​mxmason for making this long awaited release possible <3

Breaking changes

  • Require Node >= 12
  • Require Gulp 4
  • Drop dependency on the deprecate node-sass
  • Remove hardcoded default Sass compiler

Upgrading to v5

It is now required to explicitly install a Sass compiler.

npm install gulp-sass sass
</tr></table>

... (truncated)

Changelog

Sourced from gulp-sass's changelog.

gulp-sass Changelog

v5.0.0

June 25, 2021

https://github.com/dlmanning/gulp-sass/releases/tag/v5.0.0

v4.1.1

June 24, 2021

https://github.com/dlmanning/gulp-sass/releases/tag/v4.1.1

v4.1.0

April 23, 2020

https://github.com/dlmanning/gulp-sass/releases/tag/v4.1.0

v4.0.2

October 16, 2018

https://github.com/dlmanning/gulp-sass/releases/tag/v4.0.2

v4.0.1

Apr 8, 2018

https://github.com/dlmanning/gulp-sass/releases/tag/v4.0.1

v4.0.0

April 5, 2018

https://github.com/dlmanning/gulp-sass/releases/tag/v4.0.0

Commits

Updates gulp-svg-sprite from 1.5.0 to 2.0.3

Release notes

Sourced from gulp-svg-sprite's releases.

v2.0.3

What's Changed

  • CI: add macOS too
  • CI: increase mocha timeout to 10000
  • Update README.md
  • Move mocha config to .mocharc.json
  • Fix package.json properties after the repo move
  • Update xo settings

Full Changelog: svg-sprite/gulp-svg-sprite@v2.0.2...v2.0.3

v2.0.2

What's Changed

Full Changelog: svg-sprite/gulp-svg-sprite@v2.0.1...v2.0.2

v2.0.1

  • Updated dependencies

v2.0.0

What's Changed

  • Refactored code
  • Dropped support for Node.js < 12
  • Updated all dependencies including svg-sprite to v2.0.0
  • Reduced dependencies
  • Switched to GitHub Actions
  • Switched to xo for linting

Full Changelog: svg-sprite/gulp-svg-sprite@v1.5.0...v2.0.0

Commits
Maintainer changes

This version was pushed to npm by xhmikosr, a new releaser for gulp-svg-sprite since your current version.


Updates postcss-import from 8.2.0 to 15.1.0

Release notes

Sourced from postcss-import's releases.

14.0.0 / 2020-12-14

This release should not have breaking changes for the vast majority of users; only those with @charset statements in their CSS may be affected.

  • BREAKING: Error if multiple incompatible @charset statements (#447)
  • BREAKING: Warn if @charset statements are not at the top of files (#447)
  • Fix handing of @charset (#436, #447)

13.0.0 / 2020-10-20

  • BREAKING: Require Node 10+ (#429)
  • BREAKING: Upgrade to postcss v8 and require it as a peerDependency (#427, #432)
  • Update dependencies

12.0.0

11.1.0

  • Added: filter option

11.0.0

  • Changed: A syntax error in an imported file now throws an error instead of just warning (#264)
  • Changed: Symlink handling to be consistent with Node.js require (#300)

10.0.0

  • Removed: Support for Node.js versions less than 4.5.x (#283)
  • Changed: Upgraded to Postcss v6 (#283)
  • Removed: jspm support (#283)
  • Removed: deprecated addDependencyTo option
  • Removed: onImport option
  • Changed: Doesn't depend on promise-each (#281)

9.1.0

  • Added: addModulesDirectories option (#256)

9.0.0

  • Removed: transform option (#250)
  • Removed: pkg-resolve is no longer a dependency; this should fix some issues with webpack. jspm users must manually install pkg-resolve if they want to load jspm modules (see https://github.com/postcss/postcss-import#jspm-usage for more info) (#243)
  • Changed: If a file is not found, it will now throw an error instead of just raising a warning (#247)
  • Changed: If a custom resolver does not return an absolute path, the default resolver will be applied to the returned path. (#249)
  • Changed: postcss-import will try to guess the correct parser for imported files, based on the file extension. (#245)

... (truncated)

Changelog

Sourced from postcss-import's changelog.

15.1.0 / 2022-12-07

  • Add data: URL support (this is not useful for most consumers) (#515)

15.0.1 / 2022-12-01

  • Preserve layer in ignored @imports (#510, #511)
  • Join media queries in the correct order (#512, #513)

15.0.0 / 2022-08-30

  • BREAKING: Require Node.js v14+ (#497)
  • BREAKING: Require nameLayer option for handling anonymous layers (#496)
  • Fix handling of @media queries inside layered imports (#495, #496)

14.1.0 / 2022-03-22

  • Add @layer support (#483)

14.0.2 / 2021-05-10

  • Remove remaining direct import of postcss package (#455, #456)

14.0.1 / 2021-03-31

  • Fix bug with @charset statements in media imports (#448, #453)

14.0.0 / 2020-12-14

This release should not have breaking changes for the vast majority of users; only those with @charset statements in their CSS may be affected.

  • BREAKING: Error if multiple incompatible @charset statements (#447)
  • BREAKING: Warn if @charset statements are not at the top of files (#447)
  • Fix handing of @charset (#436, #447)

13.0.0 / 2020-10-20

  • BREAKING: Require Node 10+ (#429)
  • BREAKING: Upgrade to postcss v8 and require it as a peerDependency (#427, #432)
  • Update dependencies

12.0.1 / 2018-10-22

  • Add plugin property to dependency messages (#379, #380)

12.0.0 - 2018-08-04

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump tough-cookie, gulp-sass, gulp-svg-sprite and postcss-import
f1d92be 
Removes [tough-cookie](https://github.com/salesforce/tough-cookie). It's no longer used after updating ancestor dependencies [tough-cookie](https://github.com/salesforce/tough-cookie), [gulp-sass](https://github.com/dlmanning/gulp-sass), [gulp-svg-sprite](https://github.com/svg-sprite/gulp-svg-sprite) and [postcss-import](https://github.com/postcss/postcss-import). These dependencies need to be updated together.


Removes `tough-cookie`

Updates `gulp-sass` from 3.2.1 to 5.1.0
- [Release notes](https://github.com/dlmanning/gulp-sass/releases)
- [Changelog](https://github.com/dlmanning/gulp-sass/blob/master/CHANGELOG.md)
- [Commits](dlmanning/gulp-sass@v3.2.1...v5.1.0)

Updates `gulp-svg-sprite` from 1.5.0 to 2.0.3
- [Release notes](https://github.com/svg-sprite/gulp-svg-sprite/releases)
- [Changelog](https://github.com/svg-sprite/gulp-svg-sprite/blob/main/CHANGELOG.md)
- [Commits](svg-sprite/gulp-svg-sprite@v1.5.0...v2.0.3)

Updates `postcss-import` from 8.2.0 to 15.1.0
- [Release notes](https://github.com/postcss/postcss-import/releases)
- [Changelog](https://github.com/postcss/postcss-import/blob/master/CHANGELOG.md)
- [Commits](postcss/postcss-import@8.2.0...15.1.0)

---
updated-dependencies:
- dependency-name: tough-cookie
  dependency-type: indirect
- dependency-name: gulp-sass
  dependency-type: direct:development
- dependency-name: gulp-svg-sprite
  dependency-type: direct:development
- dependency-name: postcss-import
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Jul 8, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants