build: gulp-cssnano is deprecated and causes audit warnings #11869
Comments
So I just finished investigating this. NPM tells us that we need to use With I was able to get everything plumbed together just fine with Beforefunction minifyCss(extraOptions) {
const options = {
autoprefixer: false,
reduceTransforms: false,
svgo: false,
safe: true
};
return gulpCssnano(_.assign(options, extraOptions));
} AfterThe function minifyCss(extraOptions) {
const options = {
reduceTransforms: false,
svgo: false
};
const preset = {
preset: [
'default',
_.assign(options, extraOptions)
]
};
return gulpPostcss([cssnano(preset)]);
} ResultUnfortunately the result was unacceptable. The minified output previously was There are some release notes about how So I thought that I'd try the Advanced Preset. Unfortunately, that did not solve the primary cause of the CSS bloat. Here's what I was seeingOutput with gulp-cssnano and cssnano@3.md-dense :not(.md-dense-disabled) .md-button:not(.md-dense-disabled), .md-dense > .md-button:not(.md-dense-disabled) {
min-height: 32px;
line-height: 32px;
font-size: 13px
}
[dir=rtl] md-checkbox {
margin-left: 16px;
margin-right: 0
}
.flex-gt-xs-50, .layout-row > .flex-gt-xs-50 {
-webkit-box-flex: 1;
flex: 1 1 100%;
max-width: 50%;
max-height: 100%;
box-sizing: border-box
}
.md-datepicker-open .md-datepicker-triangle-button, .md-datepicker-open.md-input-has-placeholder > label, .md-datepicker-open.md-input-has-value > label, .md-datepicker-pos-adjusted .md-datepicker-input-mask {
display: none
} Output with gulp-postcss and cssnano@4.md-dense :not(.md-dense-disabled) .md-button:not(.md-dense-disabled), .md-dense > .md-button:not(.md-dense-disabled) {
min-height: 32px
}
.md-dense :not(.md-dense-disabled) .md-button:not(.md-dense-disabled), .md-dense > .md-button:not(.md-dense-disabled) {
line-height: 32px
}
.md-dense :not(.md-dense-disabled) .md-button:not(.md-dense-disabled), .md-dense > .md-button:not(.md-dense-disabled) {
font-size: 13px
}
[dir=rtl] md-checkbox {
margin-left: 16px
}
[dir=rtl] md-checkbox {
margin-right: 0
}
.flex-gt-xs-50 {
-webkit-box-flex: 1;
flex: 1 1 100%;
max-width: 50%;
max-height: 100%;
box-sizing: border-box
}
.layout-row > .flex-gt-xs-50 {
-webkit-box-flex: 1;
flex: 1 1 100%;
max-width: 50%;
max-height: 100%;
box-sizing: border-box
}
.md-datepicker-open .md-datepicker-triangle-button, .md-datepicker-open.md-input-has-placeholder > label, .md-datepicker-open.md-input-has-value > label {
display: none
}
.md-datepicker-pos-adjusted .md-datepicker-input-mask {
display: none
} There are some bugs (cssnano/cssnano#805, cssnano/cssnano#701) reported against their There are also some issues (cssnano/cssnano#620, cssnano/cssnano#385) about the update from |
Removing The seeming duplication of some selectors mentioned in the previous comment is still happening, but the reduction of many |
Build issue
What is the expected behavior?
Ideally, we'd like to minimize the audit warnings from
npm audit
.What is the current behavior?
gulp-cssnano
generates a Moderate and High audit warning.Additionally, the gulp-cssnano repo has been archived and marked DEPRECATED.
What is the use-case or motivation for changing an existing behavior?
npm audit
reports the following:As you can see the culprit is
js-yaml
which is brought in bysvgo
.Which versions of AngularJS, Material, OS, and browsers are affected?
The text was updated successfully, but these errors were encountered: