[Snyk] Upgrade tailwindcss from 1.4.6 to 3.4.9 #20

snyk-io · 2024-08-30T14:00:58Z

Snyk has created this PR to upgrade tailwindcss from 1.4.6 to 3.4.9.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

⚠️ Warning: This PR contains major version upgrade(s), and may be a breaking change.

The recommended version is 179 versions ahead of your current version.
The recommended version was released on 22 days ago.

Issues fixed by the recommended upgrade:

Issue	Score	Exploit Maturity
Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	63	Proof of Concept
Code Injection SNYK-JS-LODASH-1040724	63	Proof of Concept
Prototype Pollution SNYK-JS-LODASH-567746	63	Proof of Concept
Inefficient Regular Expression Complexity SNYK-JS-MICROMATCH-6838728	63	No Known Exploit
Prototype Pollution SNYK-JS-Y18N-1021887	63	Proof of Concept
Prototype Pollution SNYK-JS-AJV-584908	63	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	63	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	63	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	63	Proof of Concept
Uncontrolled resource consumption SNYK-JS-BRACES-6838727	63	Proof of Concept
Command Injection SNYK-JS-GITPARSE-1290380	63	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-POSTCSS-1255640	63	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-ISSVG-1243891	63	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-1018905	63	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-MINIMATCH-3050818	63	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHPARSE-1077067	63	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-ISSVG-1085627	63	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-BROWSERSLIST-1090194	63	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-COLORSTRING-1082939	63	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-GLOBPARENT-1016905	63	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-POSTCSS-1090595	63	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-POSTCSS-1255640	63	Proof of Concept
Prototype Pollution SNYK-JS-MINIMIST-2429795	63	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-WORDWRAP-3149973	63	Proof of Concept
Regular Expression Denial of Service (ReDoS) npm:debug:20170905	63	Proof of Concept

Release notes

Package name: tailwindcss

3.4.9 - 2024-08-08
Fixed
- No longer warns when broad glob patterns are detecting vendor folders
3.4.8 - 2024-08-07
Fixed
- Fix minification when using nested CSS (#14105)
- Warn when broad glob patterns are used in the content configuration (#14140)
3.4.7 - 2024-07-25
Fixed
- Fix class detection in Slim templates with attached attributes and ID (#14019)
- Ensure attribute values in data-* and aria-* modifiers are always quoted in the generated CSS (#14037)
3.4.6 - 2024-07-16
Fixed
- Fix detection of some utilities in Slim/Pug templates (#14006)
Changed
- Loosen :is() wrapping rules when using an important selector (#13900)
3.4.5 - 2024-07-15
Fixed
- Disable automatic var() injection for anchor properties (#13826)
- Use no value instead of blur(0px) for backdrop-blur-none and blur-none utilities (#13830)
- Add .mts and .cts config file detection (#13940)
- Don't generate utilities like px-1 unnecessarily when using utilities like px-1.5 (#13959)
- Always generate -webkit-backdrop-filter for backdrop-* utilities (#13997)
3.4.4 - 2024-06-05
Fixed
- Make it possible to use multiple <alpha-value> placeholders in a single color definition (#13740)
- Don't prefix classes in arbitrary values of has-*, group-has-*, and peer-has-* variants (#13770)
- Support negative values for {col,row}-{start,end} utilities (#13781)
- Update embedded browserslist database (#13792)
3.4.3 - 2024-03-27
Fixed
- Revert changes to glob handling (#13384)
3.4.2 - 2024-03-27
Fixed
- Ensure max specificity of 0,0,1 for button and input Preflight rules (#12735)
- Improve glob handling for folders with (, ), [ or ] in the file path (#12715)
- Split :has rules when using experimental.optimizeUniversalDefaults (#12736)
- Sort arbitrary properties alphabetically across multiple class lists (#12911)
- Add mix-blend-plus-darker utility (#12923)
- Ensure dashes are allowed in variant modifiers (#13303)
- Fix crash showing completions in Intellisense when using a custom separator (#13306)
- Transpile import.meta.url in config files (#13322)
- Reset letter spacing for form elements (#13150)
- Fix missing xx-large and remove double x-large absolute size (#13324)
- Don't error when encountering nested CSS unless trying to @ apply a class that uses nesting (#13325)
- Ensure that arbitrary properties respect important configuration (#13353)
- Change dark mode selector so @ apply works correctly with pseudo elements (#13379)
3.4.1 - 2024-01-05
Fixed
- Don't remove keyframe stops when using important utilities (#12639)
- Don't add spaces to gradients and grid track names when followed by calc() (#12704)
- Restore old behavior for class dark mode strategy (#12717)
Added
- Add new selector and variant strategies for dark mode (#12717)
Changed
- Support rtl and ltr variants on same element as dir attribute (#12717)
3.4.0 - 2023-12-19
3.3.7 - 2023-12-18
3.3.6 - 2023-12-04
3.3.5 - 2023-10-25
3.3.4 - 2023-10-24
3.3.3 - 2023-07-13
3.3.2 - 2023-04-25
3.3.1 - 2023-03-30
3.3.0 - 2023-03-28
3.2.7 - 2023-02-16
3.2.6 - 2023-02-08
3.2.5 - 2023-02-08
3.2.4 - 2022-11-11
3.2.3 - 2022-11-09
3.2.2 - 2022-11-04
3.2.1 - 2022-10-21
3.2.0 - 2022-10-19
3.1.8 - 2022-08-05
3.1.7 - 2022-07-29
3.1.6 - 2022-07-11
3.1.5 - 2022-07-07
3.1.4 - 2022-06-21
3.1.3 - 2022-06-14
3.1.2 - 2022-06-10
3.1.1 - 2022-06-09
3.1.0 - 2022-06-09
3.0.24 - 2022-04-12
3.0.23 - 2022-02-16
3.0.22 - 2022-02-11
3.0.21 - 2022-02-10
3.0.20 - 2022-02-10
3.0.19 - 2022-02-07
3.0.18 - 2022-01-28
3.0.17 - 2022-01-26
3.0.16 - 2022-01-24
3.0.15 - 2022-01-15
3.0.14 - 2022-01-14
3.0.13 - 2022-01-11
3.0.12 - 2022-01-07
3.0.11 - 2022-01-05
3.0.10 - 2022-01-04
3.0.9 - 2022-01-03
3.0.8 - 2021-12-28
3.0.7 - 2021-12-17
3.0.6 - 2021-12-16
3.0.5 - 2021-12-15
3.0.4 - 2021-12-15
3.0.3 - 2021-12-15
3.0.2 - 2021-12-13
3.0.1 - 2021-12-11
3.0.0 - 2021-12-09
3.0.0-alpha.2 - 2021-11-08
3.0.0-alpha.1 - 2021-10-01
2.2.19 - 2021-10-29
2.2.18 - 2021-10-29
2.2.17 - 2021-10-13
2.2.16 - 2021-09-26
2.2.15 - 2021-09-10
2.2.14 - 2021-09-08
2.2.13 - 2021-09-08
2.2.12 - 2021-09-08
2.2.11 - 2021-09-07
2.2.10 - 2021-09-06
2.2.9 - 2021-08-30
2.2.8 - 2021-08-27
2.2.7 - 2021-07-23
2.2.6 - 2021-07-21
2.2.5 - 2021-07-21
2.2.4 - 2021-06-23
2.2.3 - 2021-06-23
2.2.2 - 2021-06-18
2.2.1 - 2021-06-18
2.2.0 - 2021-06-17
2.2.0-canary.16 - 2021-06-14
2.2.0-canary.15 - 2021-06-14
2.2.0-canary.14 - 2021-06-10
2.2.0-canary.13 - 2021-06-04
2.2.0-canary.12 - 2021-06-04
2.2.0-canary.11 - 2021-05-29
2.2.0-canary.10 - 2021-05-28
2.2.0-canary.9 - 2021-05-20
2.2.0-canary.8 - 2021-05-14
2.2.0-canary.7 - 2021-05-14
2.2.0-canary.6 - 2021-05-07
2.2.0-canary.5 - 2021-05-07
2.2.0-canary.4 - 2021-05-07
2.2.0-canary.3 - 2021-05-06
2.2.0-canary.2 - 2021-05-06
2.2.0-canary.1 - 2021-05-06
2.1.4 - 2021-06-02
2.1.3 - 2021-06-01
2.1.2 - 2021-04-23
2.1.2-internal.4 - 2021-06-17
2.1.2-internal.3 - 2021-06-17
2.1.2-internal.2 - 2021-06-17
2.1.2-internal.1 - 2021-06-17
2.1.1 - 2021-04-05
2.1.0 - 2021-04-05
2.1.0-canary.2 - 2021-04-05
2.1.0-canary.1 - 2021-04-05
2.0.4 - 2021-03-17
2.0.3 - 2021-02-07
2.0.2 - 2020-12-11
2.0.1 - 2020-11-18
2.0.1-compat - 2020-11-18
2.0.0 - 2020-11-18
2.0.0-compat - 2020-11-18
2.0.0-alpha.25-compat - 2020-11-17
2.0.0-alpha.24-compat - 2020-11-17
2.0.0-alpha.23-compat - 2020-11-16
2.0.0-alpha.25 - 2020-11-17
2.0.0-alpha.24 - 2020-11-17
2.0.0-alpha.23 - 2020-11-16
2.0.0-alpha.22 - 2020-11-16
2.0.0-alpha.21 - 2020-11-15
2.0.0-alpha.20 - 2020-11-14
2.0.0-alpha.19 - 2020-11-14
2.0.0-alpha.18 - 2020-11-14
2.0.0-alpha.17 - 2020-11-13
2.0.0-alpha.16 - 2020-11-12
2.0.0-alpha.15 - 2020-11-12
2.0.0-alpha.14 - 2020-11-11
2.0.0-alpha.13 - 2020-11-11
2.0.0-alpha.12 - 2020-11-10
2.0.0-alpha.11 - 2020-11-10
2.0.0-alpha.10 - 2020-11-09
2.0.0-alpha.9 - 2020-11-07
2.0.0-alpha.8 - 2020-11-06
2.0.0-alpha.7 - 2020-11-05
2.0.0-alpha.6 - 2020-11-04
2.0.0-alpha.5 - 2020-10-30
2.0.0-alpha.4 - 2020-10-29
2.0.0-alpha.3 - 2020-10-27
2.0.0-alpha.2 - 2020-10-25
2.0.0-alpha.1 - 2020-10-21
1.9.6 - 2020-10-23
1.9.5 - 2020-10-19
1.9.4 - 2020-10-17
1.9.3 - 2020-10-16
1.9.2 - 2020-10-14
1.9.1 - 2020-10-13
1.9.0 - 2020-10-12
1.8.13 - 2020-10-10
1.8.12 - 2020-10-07
1.8.11 - 2020-10-06
1.8.10 - 2020-09-14
1.8.9 - 2020-09-13
1.8.8 - 2020-09-11
1.8.7 - 2020-09-10
1.8.6 - 2020-09-09
1.8.5 - 2020-09-07
1.8.4 - 2020-09-07
1.8.3 - 2020-09-05
1.8.2 - 2020-09-05
1.8.1 - 2020-09-04
1.8.0 - 2020-09-04
1.7.6 - 2020-08-29
1.7.5 - 2020-08-26
1.7.4 - 2020-08-26
1.7.3 - 2020-08-20
1.7.2 - 2020-08-19
1.7.1 - 2020-08-19
1.7.0 - 2020-08-18
1.6.3 - 2020-08-18
1.6.2 - 2020-08-03
1.6.1 - 2020-08-02
1.6.0 - 2020-07-28
1.5.2 - 2020-07-21
1.5.1 - 2020-07-15
1.5.0 - 2020-07-15
1.4.6 - 2020-05-08

from tailwindcss GitHub release notes

Important

Warning: This PR contains a major version upgrade, and may be a breaking change.
Check the changes in this PR to ensure they won't cause issues with your project.
This PR was automatically created by Snyk using the credentials of a real user.
Max score is 1000. Note that the real score may have changed since the PR was raised.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

📜 Customise PR templates

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Snyk has created this PR to upgrade tailwindcss from 1.4.6 to 3.4.9. See this package in npm: tailwindcss See this project in Snyk: https://app.snyk.io/org/cachiman/project/47bf8ff7-2e6b-43f9-9443-382381080b19?utm_source=github-cloud-app&utm_medium=referral&page=upgrade-pr

google-cla · 2024-08-30T14:01:02Z

Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

View this failed invocation of the CLA check for more information.

For the most up to date status, view the checks section at the bottom of the pull request.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Snyk] Upgrade tailwindcss from 1.4.6 to 3.4.9 #20

[Snyk] Upgrade tailwindcss from 1.4.6 to 3.4.9 #20

snyk-io bot commented Aug 30, 2024

Fixed

Fixed

Fixed

Fixed

Changed

Fixed

Fixed

Fixed

Fixed

Fixed

Added

Changed

google-cla bot commented Aug 30, 2024

[Snyk] Upgrade tailwindcss from 1.4.6 to 3.4.9 #20

Are you sure you want to change the base?

[Snyk] Upgrade tailwindcss from 1.4.6 to 3.4.9 #20

Conversation

snyk-io bot commented Aug 30, 2024

Snyk has created this PR to upgrade tailwindcss from 1.4.6 to 3.4.9.

Issues fixed by the recommended upgrade:

Fixed

Fixed

Fixed

Fixed

Changed

Fixed

Fixed

Fixed

Fixed

Fixed

Added

Changed

google-cla bot commented Aug 30, 2024