[Snyk] Fix for 1 vulnerabilities

[DamionWaltermeyer]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json
  • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	551/1000 Why? Recently disclosed, Has a fix available, CVSS 5.3	Improper Input Validation SNYK-JS-POSTCSS-5926692	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: css-loader

The new version differs by 76 commits.

• 1351e3a chore(release): 5.0.0
• 747d62b feat: allow named exports to have underscores in names (#1209)
• 7bfe85d chore(deps): update (#1208)
• b5c9379 feat: postcss@8 (#1204)
• 92fe103 docs: context is localIdentContext in README (#1202)
• e5a9272 chore(deps): update (#1203)
• 63b41be refactor: emoji deprecate
• 9f974be feat: reduce runtime
• d779eb1 feat: escape getLocalIdent by default (#1196)
• dd52931 feat: hide warning on no plugins (#1195)
• 52412f6 feat: improve error message
• 0f95841 feat: add fallback if custom getLocalIdent returns null (#1193)
• 2f1573f feat: auto enable icss modules
• df111b8 test: import with file protocol
• cfe669f refactor: remove icss option (#1189)
• 57eb505 chore(release): 4.3.0
• 3ddcc7b chore(deps): update deps (#1186)
• 88b8ddc fix: line breaks in `url` function
• 8b865fe test: source map (#1180)
• ec58a7c feat: the `importLoaders` can be `string` (#1178)
• df490c7 test: sass-loader next (#1177)
• 26a3062 chore(release): 4.2.2
• e42f046 refactor: improve sources handling in source maps (#1176)
• 4ce556a docs: fix type (#1174)

See the full diff

Package name: purgecss-webpack-plugin

The new version differs by 51 commits.

• 4a2a950 build: 3.0.0
• 10315a8 build: changelog 3.0
• 7af7215 build: add exports auto to rollup build script
• 0f17705 docs: add sponsor
• 761eed8 fix(CLI): exit process on error with code 1
• c871293 build: fix build errors
• 1f192e8 build: fix eslint errors
• 9cb763e refactor: remove unused file cmd.ts
• d60f7e0 docs: change CLI option no longer require to be comma separated
• 35e5c45 feat(CLI): use variadic options for css, content
• d4fb6fa docs: add blocklist option
• 3961afb feat(CLI): add blocklist option
• 2c3d700 build(dependencies): update dependencies
• 5515409 build(deps-dev): bump mini-css-extract-plugin from 0.9.0 to 0.11.0
• 300afc4 build(deps-dev): bump ts-node from 8.10.2 to 9.0.0
• 2d24c84 build(deps-dev): bump ts-node from 8.10.2 to 9.0.0
• 9139b65 build(deps-dev): bump grunt from 1.2.1 to 1.3.0
• 84d563a build(deps-dev): bump typescript from 3.9.7 to 4.0.2
• aed7462 build(deps-dev): bump typescript from 3.9.7 to 4.0.2
• 2f2b8e6 build(deps-dev): bump rollup-plugin-terser from 6.1.0 to 7.0.1
• e45f490 docs: fix typo
• 18a617e build(deps-dev): bump rollup-plugin-terser from 6.1.0 to 7.0.1
• 10d1efc build(deps-dev): bump mini-css-extract-plugin from 0.9.0 to 0.11.0
• 6f0cab7 build(deps-dev): bump grunt from 1.2.1 to 1.3.0

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Improper Input Validation