postcss
Advanced tools
Comparing version 8.4.6 to 8.4.7
@@ -6,3 +6,3 @@ import Declaration, { DeclarationProps } from './declaration.js' | ||
import Rule, { RuleProps } from './rule.js' | ||
import { WarningOptions } from './warning.js' | ||
import Warning, { WarningOptions } from './warning.js' | ||
import CssSyntaxError from './css-syntax-error.js' | ||
@@ -245,3 +245,3 @@ import Result from './result.js' | ||
*/ | ||
warn(result: Result, text: string, opts?: WarningOptions): void | ||
warn(result: Result, text: string, opts?: WarningOptions): Warning | ||
@@ -248,0 +248,0 @@ /** |
@@ -10,2 +10,7 @@ 'use strict' | ||
const SAFE_COMMENT_NEIGHBOR = { | ||
empty: true, | ||
space: true | ||
} | ||
class Parser { | ||
@@ -422,6 +427,10 @@ constructor(input) { | ||
} else if (type === 'comment') { | ||
prev = tokens[i - 1] | ||
next = tokens[i + 1] | ||
if (prev && next && prev[0] !== 'space' && next[0] !== 'space') { | ||
value += token[1] | ||
prev = tokens[i - 1] ? tokens[i - 1][0] : 'empty' | ||
next = tokens[i + 1] ? tokens[i + 1][0] : 'empty' | ||
if (!SAFE_COMMENT_NEIGHBOR[prev] && !SAFE_COMMENT_NEIGHBOR[next]) { | ||
if (value.slice(-1) === ',') { | ||
clean = false | ||
} else { | ||
value += token[1] | ||
} | ||
} else { | ||
@@ -428,0 +437,0 @@ clean = false |
@@ -10,3 +10,3 @@ 'use strict' | ||
constructor(plugins = []) { | ||
this.version = '8.4.6' | ||
this.version = '8.4.7' | ||
this.plugins = this.normalize(plugins) | ||
@@ -13,0 +13,0 @@ } |
{ | ||
"name": "postcss", | ||
"version": "8.4.6", | ||
"version": "8.4.7", | ||
"description": "Tool for transforming styles with JS plugins", | ||
@@ -68,3 +68,3 @@ "engines": { | ||
"dependencies": { | ||
"nanoid": "^3.2.0", | ||
"nanoid": "^3.3.1", | ||
"picocolors": "^1.0.0", | ||
@@ -71,0 +71,0 @@ "source-map-js": "^1.0.2" |
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 2 instances in 1 package
186094
6497
15
Updatednanoid@^3.3.1