Bump postcss, postcss-cli, postcss-import, postcss-loader, postcss-preset-env and rollup-plugin-postcss

[dependabot]

Bumps postcss, postcss-cli, postcss-import, postcss-loader, postcss-preset-env and rollup-plugin-postcss. These dependencies needed to be updated together.
Updates postcss from 7.0.39 to 8.5.14

Release notes

Sourced from postcss's releases.

8.5.14

• Fixed custom syntax regression (by @​43081j).

8.5.13

• Fixed postcss-scss commend regression.

8.5.12

• Fixed reading any file via user-generated CSS.
• Added opts.unsafeMap to disable checks.

8.5.11

• Fixed nested brackets parsing performance (by @​offset).

8.5.10

• Fixed XSS via unescaped </style> in non-bundler cases (by @​TharVid).

8.5.9

• Speed up source map encoding paring in case of the error.

8.5.8

• Fixed Processor#version.

8.5.7

• Improved source map annotation cleaning performance (by CodeAnt AI).

8.5.6

• Fixed ContainerWithChildren type discriminating (by @​Goodwine).

8.5.5

• Fixed package.json→exports compatibility with some tools (by @​JounQin).

8.5.4

• Fixed Parcel compatibility issue (by @​git-sumitchaudhary).

8.5.3

• Added more details to Unknown word error (by @​hiepxanh).
• Fixed types (by @​romainmenke).
• Fixed docs (by @​catnipan).

8.5.2

• Fixed end position of rules with semicolon (by @​romainmenke).

8.5.1

• Fixed backwards compatibility for complex cases (by @​romainmenke).

8.5 “Duke Alloces”

PostCSS 8.5 brought API to work better with non-CSS sources like HTML, Vue.js/Svelte sources or CSS-in-JS.

... (truncated)

Changelog

Sourced from postcss's changelog.

8.5.14

• Fixed custom syntax regression (by @​43081j).

8.5.13

• Fixed postcss-scss commend regression.

8.5.12

• Fixed reading any file via user-generated CSS.
• Added opts.unsafeMap to disable checks.

8.5.11

• Fixed nested brackets parsing performance (by @​offset).

8.5.10

• Fixed XSS via unescaped </style> in non-bundler cases (by @​TharVid).

8.5.9

• Speed up source map encoding paring in case of the error.

8.5.8

• Fixed Processor#version.

8.5.7

• Improved source map annotation cleaning performance (by CodeAnt AI).

8.5.6

• Fixed ContainerWithChildren type discriminating (by @​Goodwine).

8.5.5

• Fixed package.json→exports compatibility with some tools (by @​JounQin).

8.5.4

• Fixed Parcel compatibility issue (by @​git-sumitchaudhary).

8.5.3

• Added more details to Unknown word error (by @​hiepxanh).
• Fixed types (by @​romainmenke).
• Fixed docs (by @​catnipan).

... (truncated)

Commits

• 3ec1394 Release 8.5.14 version
• f2bb827 Update dependencies
• d75953d Merge pull request #2084 from 43081j/raw-raws-rawing
• 68bd213 fix: always call raw to retrieve raw values
• af58cf1 Release 8.5.13 version
• f227dbd Temporary ignore pnpm 11 config
• d3abd40 Update dependencies
• dd06c3e Revert stringifier changes because of the conflict with postcss-scss
• ae889c8 Try to fix CI
• e0093e4 Move to pnpm 11
• Additional commits viewable in compare view

Updates postcss-cli from 7.1.2 to 11.0.1

Release notes

Sourced from postcss-cli's releases.

8.0.0 / 2020-09-21

• BREAKING: Support postcss v8 (#344, #349)
• BREAKING: postcss is now a peerDependency, you must install it seperately (#344, #349)
• Upgrade dependencies (#340)

Changelog

Sourced from postcss-cli's changelog.

11.0.1 / 2025-03-12

• Update and minimize dependencies

11.0.0 / 2023-12-05

• BREAKING: Require Node.js v18+ (#464)
• Upgrade to postcss-load-config@5 for improved ESM & TS config support (#461, #462)

10.1.0 / 2022-11-29

• Allow running --watch mode in non-TTY contexts, like Docker (#448)
• Update dependencies

10.0.0 / 2022-06-29

• BREAKING: Drop Node 12 support (#438)
• Add support for ESM config files (#437)

9.1.0 / 2021-12-10

• Don't write to files if they're unchanged (#320, #417)

9.0.2 / 2021-11-04

• Switch to picocolors (#409)
• Remove test files from npm package

9.0.1 / 2021-09-28

• Actually exit with error when attempting to stdout in watch mode
• Remove bin/ from files in package.json

9.0.0 / 2021-09-24

• BREAKING: Require Node.js v12+
• BREAKING: Must specify full file path, including .js extension, when loading local plugins with --use (#401)
• BREAKING: Officially remove support for watching postcss config (was already broken in previous releases)
• Add support for dir-dependency messages (#383, #391)
• Update deps

8.3.1 / 2020-12-12

• Ensure paths are not interpreted as numbers (#360)
• Better errors for incorrect postcss version (#361, #362)

8.3.0 / 2020-11-17

• Exit on EOF/^D (#358)

... (truncated)

Commits

• 7bea180 11.0.1
• 0dc4eba Use eslint v9 + flat config (#490)
• 733ef42 chore(deps): update dependency sugarss to v5 (#483)
• 1363a65 Update dependency prettier to ~3.5.0 (#488)
• bd416f5 Update dependency uuid to v11 (#482)
• bfad16d Update dependency c8 to v10 (#480)
• b5d8f0e feat: replace globby with tinyglobby and remove get-stdin in favor of builtin...
• 5f9f92a Update dependency prettier to ~3.4.0 (#484)
• 0f52be7 Update dependency prettier to ~3.3.0 (#477)
• 528af4c Adding link to PostCSS (#472)
• Additional commits viewable in compare view

Updates postcss-import from 12.0.1 to 16.1.1

Release notes

Sourced from postcss-import's releases.

14.0.0 / 2020-12-14

This release should not have breaking changes for the vast majority of users; only those with @charset statements in their CSS may be affected.

• BREAKING: Error if multiple incompatible @charset statements (#447)
• BREAKING: Warn if @charset statements are not at the top of files (#447)
• Fix handing of @charset (#436, #447)

13.0.0 / 2020-10-20

• BREAKING: Require Node 10+ (#429)
• BREAKING: Upgrade to postcss v8 and require it as a peerDependency (#427, #432)
• Update dependencies

Changelog

Sourced from postcss-import's changelog.

16.1.1 / 2025-06-17

• Fix incorrect cascade layer order when some resources can not be inlined (#567, #574)

16.1.0 / 2024-03-20

• Allow bundling URLs with fragments (useful for Vite users) (#560, #561)

16.0.1 / 2024-02-14

• Fix crash when handling some @imports with media conditions (#557, #558)

16.0.0 / 2024-01-02

• BREAKING: Require Node.js v18+ (#550, #551)
• BREAKING: Signifigant rewrite, with small behavioral tweaks in a number of edge cases
• Support for @supports conditional imports added (#532, #548)
• When skipDuplicates is false, handles import cycles correctly (#462, #535)
• Add warnOnEmpty option to allow disabling warnings for empty files (#84, #541)
• Use proper node.errors (#518, #540)

Huge thanks to @romainmenke for all the hard work he put into this release.

15.1.0 / 2022-12-07

• Add data: URL support (this is not useful for most consumers) (#515)

15.0.1 / 2022-12-01

• Preserve layer in ignored @imports (#510, #511)
• Join media queries in the correct order (#512, #513)

15.0.0 / 2022-08-30

• BREAKING: Require Node.js v14+ (#497)
• BREAKING: Require nameLayer option for handling anonymous layers (#496)
• Fix handling of @media queries inside layered imports (#495, #496)

14.1.0 / 2022-03-22

• Add @layer support (#483)

14.0.2 / 2021-05-10

• Remove remaining direct import of postcss package (#455, #456)

14.0.1 / 2021-03-31

• Fix bug with @charset statements in media imports (#448, #453)

... (truncated)

Commits

• 4ae9894 16.1.1
• a3f3889 Test on modern Node versions (#577)
• 10325fc Upgrade eslint & config; use flat config (#576)
• 9227642 Migrate config renovate.json (#575)
• 2544155 Update dependency prettier to ~3.5.0 (#572)
• 83108aa Fix incorrect cascade layer order when some resources can not be inlined (#574)
• cad0022 Update dependency sugarss to v5 (#568)
• 32deb08 Update dependency c8 to v10 (#565)
• d43ca15 Update dependency prettier to ~3.4.0 (#569)
• 9af465e Update dependency prettier to ~3.3.0 (#564)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by romainmenke, a new releaser for postcss-import since your current version.

Updates postcss-loader from 3.0.0 to 8.2.1

Release notes

Sourced from postcss-loader's releases.

v8.2.1

8.2.1 (2026-02-15)

Bug Fixes

• update peer dependency for @​rspack/core v2 (#717) (a3ed7e2)

v8.2.0

8.2.0 (2025-09-01)

Features

• update jiti from v1 to v2 (9c74974)

v8.1.1

8.1.1 (2024-02-28)

Bug Fixes

• respect default when loading postcss esm configs (52d8050)

v8.1.0

8.1.0 (2024-01-30)

Features

• add @rspack/core as an optional peer dependency (#679) (512e4c3)

v8.0.0

8.0.0 (2024-01-16)

⚠ BREAKING CHANGES

• minimum supported Node.js version is 18.12.0 (#677) (8dd0315)

v7.3.4

7.3.4 (2023-12-27)

Bug Fixes

• do not crash if pkg.(d|devD)ependencies unset (#667) (8ef0c7e)

v7.3.3

7.3.3 (2023-06-10)

... (truncated)

Changelog

Sourced from postcss-loader's changelog.

8.2.1 (2026-02-15)

Bug Fixes

• update peer dependency for @​rspack/core v2 (#717) (a3ed7e2)

8.2.0 (2025-09-01)

Features

• update jiti from v1 to v2 (9c74974)

8.1.1 (2024-02-28)

Bug Fixes

• respect default when loading postcss esm configs (52d8050)

8.1.0 (2024-01-30)

Features

• add @rspack/core as an optional peer dependency (#679) (512e4c3)

8.0.0 (2024-01-16)

⚠ BREAKING CHANGES

• minimum supported Node.js version is 18.12.0 (#677) (8dd0315)

7.3.4 (2023-12-27)

Bug Fixes

• do not crash if pkg.(d|devD)ependencies unset (#667) (8ef0c7e)

7.3.3 (2023-06-10)

Bug Fixes

• perf: avoid using klona for postcss options (#658) (e754c3f)
• bug with loading configurations after updating cosmiconfig to version 8.2 (684d265)

... (truncated)

Commits

• 583677e chore(release): 8.2.1
• a3ed7e2 fix: update peer dependency for @​rspack/core v2 (#717)
• c984ff4 test: fix (#715)
• cc01d2b ci: fix
• d4faa34 docs: update contributing
• b1e4fa5 chore: correct link (#713)
• d990168 chore: migration to main org and branch (#712)
• 522a07d chore(release): 8.2.0
• 9c74974 feat: update jiti from v1 to v2
• 5a781e5 chore: update github actions/checkout from v4 to v5 (#709)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by evilebottnawi, a new releaser for postcss-loader since your current version.

Install script changes

This version adds prepare script that runs during installation. Review the package contents before updating.

Updates postcss-preset-env from 6.7.0 to 11.2.1

Changelog

Sourced from postcss-preset-env's changelog.

11.2.1

April 12, 2026

• Updated @csstools/css-color-parser to 4.1.0 (minor)
• Updated @csstools/css-calc to 3.2.0 (minor)

11.2.0

February 21, 2026

• Added @csstools/postcss-font-width-property Check the plugin README for usage details.
• Updated cssdb to 8.8.0

11.1.3

February 6, 2026

• Updated @csstools/postcss-text-decoration-shorthand to 5.0.2 (patch)

11.1.2

January 25, 2026

• Updated @csstools/postcss-normalize-display-values to 5.0.1 (patch)
• Updated @csstools/color-helpers to 6.0.1 (patch)

11.1.1

January 15, 2026

• Updated @csstools/postcss-alpha-function to 2.0.1 (patch)

11.1.0

January 14, 2026

• Added @csstools/postcss-mixins Check the plugin README for usage details.
• Updated cssdb to 8.7.0

11.0.1

January 14, 2026

• Updated css-blank-pseudo to 8.0.1 (patch)

11.0.0

January 14, 2026

... (truncated)

Commits

• See full diff in compare view

Maintainer changes

This version was pushed to npm by romainmenke, a new releaser for postcss-preset-env since your current version.

Updates rollup-plugin-postcss from 3.1.8 to 4.0.2

Release notes

Sourced from rollup-plugin-postcss's releases.

v4.0.2

4.0.2 (2021-11-22)

Bug Fixes

• prioritize dart-sass over node-sass (#402) (caf3429)

v4.0.1

4.0.1 (2021-08-12)

Bug Fixes

• update to cssnano 5 (#357) (118253e)

v4.0.0

4.0.0 (2020-12-07)

Features

• upgrade postcss to 8.x (ceee1bc)

BREAKING CHANGES

• upgrade postcss to 8.x

Co-authored-by: Edward Elric SASUKE688848@gmail.com Co-authored-by: Ward Peeters ward@coding-tech.com

Commits

• 71593d9 chore: update ci node version
• caf3429 fix: prioritize dart-sass over node-sass (#402)
• 118253e fix: update to cssnano 5 (#357)
• a03c7bf build(deps): bump ini from 1.3.5 to 1.3.7 (#344)
• ceee1bc feat: upgrade postcss to 8.x
• 375412c change postcss to 8.x (#343)
• 6480f02 chore: upgrade dependencies (#342)
• 700eb14 chore: update postcss version to 8 (#325)
• 661c9ca chore: Fix typo in comment (#318)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.