postcss-svg
Advanced tools
postcss-svg - npm Package Compare versions
Comparing version 2.0.0 to 2.1.0
| # Changes to PostCSS SVG | ||
| ### 2.1.0 - 2017-06-23 | ||
| Merge pull request: | ||
| * Support rgb/rgba and hsl/hsla colors in parameters | ||
| https://github.com/Pavliko/postcss-svg/pull/40 | ||
| * Remove unused files | ||
| * Update dependencies; don’t specify minor, patch requirements | ||
| ### 2.0.0 - 2017-05-15 | ||
@@ -4,0 +12,0 @@ |
@@ -110,3 +110,3 @@ /* Tooling | ||
| if (isFilledParam(node)) { | ||
| params[node.nodes[0].value] = node.nodes[2].value; | ||
| params[node.nodes[0].value] = parser.stringify( node.nodes[2] ); | ||
| } | ||
@@ -122,3 +122,3 @@ } | ||
| function isFilledParam(node) { | ||
| return node.type === 'function' && node.value === 'param' && node.nodes.length === 3 && node.nodes[0].type === 'word' && node.nodes[2].type === 'word'; | ||
| return node.type === 'function' && node.value === 'param' && node.nodes.length === 3 && node.nodes[0].type === 'word'; | ||
| } |
| { | ||
| "name": "postcss-svg", | ||
| "version": "2.0.0", | ||
| "version": "2.1.0", | ||
| "description": "Inline SVGs in CSS. Supports SVG Fragments, SVG Parameters.", | ||
@@ -27,14 +27,14 @@ "author": "Jonathan Neal <jonathantneal@hotmail.com>", | ||
| "engines": { | ||
| "node": ">=4.0.0" | ||
| "node": ">=4" | ||
| }, | ||
| "dependencies": { | ||
| "postcss": "^6.0.1", | ||
| "postcss-value-parser": "^3.3.0", | ||
| "xmldoc": "^1.1.0" | ||
| "postcss": "6.x", | ||
| "postcss-value-parser": "3.x", | ||
| "xmldoc": "1.x" | ||
| }, | ||
| "devDependencies": { | ||
| "eslint": "^3.19.0", | ||
| "eslint-config-dev": "2.0.0", | ||
| "postcss-tape": "2.0.1", | ||
| "pre-commit": "^1.2.2", | ||
| "eslint": "4.x", | ||
| "eslint-config-dev": "2.x", | ||
| "postcss-tape": "2.x", | ||
| "pre-commit": "1.x", | ||
| "test-sprite-module": "file:test/sprite-module" | ||
@@ -41,0 +41,0 @@ }, |
Fixed alerts
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Improved metrics
- Number of low supply chain risk alerts
- decreased by-66.67%
2
- Number of medium supply chain risk alerts
- decreased by-100%
0
Worsened metrics
- Total package byte prevSize
- decreased by-26.64%
26183
- Number of package files
- decreased by-21.43%
11
- Lines of code
- decreased by-11.76%
420
Dependency changes
Updatedpostcss@6.x
Updatedpostcss-value-parser@3.x
Updatedxmldoc@1.x