New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
upgrade dependencies in order to avoid vulnerabilities #5298
Comments
It will be fixed once we migrate to PostCSS 8 #4942 |
Hi @hudochenkov, when are you going to migrate? I have the same problem. |
It's unknown. Because it's a lot of work. We need to migrate 200+ PostCSS plugins (every rule is PostCSS plugin). Help is always welcome. |
It does not work with npm v7.10.0 |
Hi,
Could you define the "core" plugins that needs to be migrated to postcss8. And then make new release from stylelint. And after that migrate "not so core" plugins to support postcss8? |
That's the plan. It can be confusing because both Stylelint's built-in rules and plugins are PostCSS plugins behind the scenes. We can release once all the 200+ built-in rules are migrated to PostCSS 8. The community members can then migrate their plugins. As @hudochenkov said, #4942 is the issue for this migration. It is currently blocked by #5297 (see the discussion in #5289), but will be unblocked soon. Please consider contributing to any of the issues in the |
after yarn audit I have 7 notification regarding vulnerabilities from postcss
could you fix it?
The text was updated successfully, but these errors were encountered: