postcss - npm Package Compare versions

Comparing version 8.4.7 to 8.4.8

lib/parser.js

@@ -15,2 +15,10 @@ 'use strict'
 
+function findLastWithPosition(tokens) {
+  for (let i = tokens.length - 1; i >= 0; i--) {
+    let token = tokens[i]
+    let pos = token[3] || token[2]
+    if (pos) return pos
+  }
+}
+
 class Parser {
@@ -181,4 +189,7 @@ constructor(input) {
     }
-    node.source.end = this.getPosition(last[3] || last[2])
 
+    node.source.end = this.getPosition(
+      last[3] || last[2] || findLastWithPosition(tokens)
+    )
+
     while (tokens[0][0] !== 'word') {
@@ -185,0 +196,0 @@ if (tokens.length === 1) this.unknownWord(tokens)

lib/processor.js

@@ -10,3 +10,3 @@ 'use strict'
   constructor(plugins = []) {
-    this.version = '8.4.7'
+    this.version = '8.4.8'
     this.plugins = this.normalize(plugins)
@@ -13,0 +13,0 @@ }

package.json

 {
   "name": "postcss",
-  "version": "8.4.7",
+  "version": "8.4.8",
   "description": "Tool for transforming styles with JS plugins",
@@ -5,0 +5,0 @@ "engines": {

New alerts

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 2 instances in 1 package

Fixed alerts

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

186320

increased by0.12%

Lines of code

6506

increased by0.14%

Number of low supply chain risk alerts

8

decreased by-46.67%

No dependency changes