[Snyk] Security upgrade cssnano from 4.1.10 to 5.0.16

[svcsnyksanity]

Snyk has created this PR to fix 9 vulnerabilities in the npm dependencies of this project.

Snyk changed the following file(s):

• package.json
• package-lock.json

Vulnerabilities that will be fixed with an upgrade:

	Issue	Score
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	696
	Prototype Pollution SNYK-JS-DOTPROP-543489	636
	Regular Expression Denial of Service (ReDoS) SNYK-JS-BROWSERSLIST-1090194	586
	Regular Expression Denial of Service (ReDoS) SNYK-JS-COLORSTRING-1082939	586
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ISSVG-1085627	586
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ISSVG-1243891	586
	Regular Expression Denial of Service (ReDoS) SNYK-JS-POSTCSS-1090595	586
	Regular Expression Denial of Service (ReDoS) SNYK-JS-POSTCSS-1255640	586
	Arbitrary Code Execution SNYK-JS-JSYAML-174129	514

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• Max score is 1000. Note that the real score may have changed since the PR was raised.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)
🦉 Prototype Pollution
🦉 Arbitrary Code Execution

[socket-security]

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/browserslist@4.23.3	environment, filesystem	0	63 kB	ai
npm/caniuse-lite@1.0.30001657	None	0	2.1 MB	ai, beneb, caniuse-lite
npm/colord@2.9.3	None	0	114 kB	omgovich
npm/css-declaration-sorter@6.4.1	None	0	83.8 kB	siilwyn
npm/css-select@4.3.0	None	0	82.4 kB	feedic
npm/css-tree@1.1.3	None	0	989 kB	lahmatiy
npm/css-what@6.1.0	None	0	66 kB	feedic
npm/cssnano-preset-default@5.2.14	None	0	22 kB	ludovicofischer
npm/cssnano-utils@3.1.0	None	0	6.53 kB	ludovicofischer
npm/cssnano@5.0.16	None	0	8.03 kB	ludovicofischer
npm/csso@4.2.0	None	0	593 kB	lahmatiy
npm/dom-serializer@1.4.1	None	0	28.3 kB	feedic
npm/domelementtype@2.3.0	None	0	11.4 kB	feedic
npm/domhandler@4.3.1	None	0	44.6 kB	feedic
npm/domutils@2.8.0	network	0	56.6 kB	feedic
npm/electron-to-chromium@1.5.14	None	0	146 kB	kilianvalkhof
npm/entities@2.2.0	None	0	57.7 kB	feedic
npm/escalade@3.2.0	None	0	12.4 kB	lukeed
npm/lilconfig@2.1.0	filesystem	0	16.6 kB	antonk52
npm/mdn-data@2.0.14	None	0	562 kB	escattone
npm/node-releases@2.0.18	None	0	35.7 kB	chicoxyzzy
npm/normalize-url@6.1.0	None	0	21.2 kB	sindresorhus
npm/nth-check@2.1.1	None	0	42.6 kB	feedic
npm/picocolors@1.1.0	environment	0	11.4 kB	alexeyraspopov
npm/postcss-calc@8.2.4	None	0	188 kB	ludovicofischer
npm/postcss-colormin@5.3.1	None	+1	35.6 kB	ludovicofischer
npm/postcss-convert-values@5.1.3	None	0	11.7 kB	ludovicofischer
npm/postcss-discard-comments@5.1.2	None	0	10.7 kB	ludovicofischer
npm/postcss-discard-duplicates@5.1.0	None	0	8.14 kB	ludovicofischer
npm/postcss-discard-empty@5.1.1	None	0	5.05 kB	ludovicofischer
npm/postcss-discard-overridden@5.1.0	None	0	9.23 kB	ludovicofischer
npm/postcss-merge-longhand@5.1.7	None	0	49.5 kB	ludovicofischer
npm/postcss-merge-rules@5.1.4	None	0	23.4 kB	ludovicofischer
npm/postcss-minify-font-values@5.1.0	None	0	18.1 kB	ludovicofischer
npm/postcss-minify-gradients@5.1.1	None	0	11.1 kB	ludovicofischer
npm/postcss-minify-params@5.1.4	None	0	6.69 kB	ludovicofischer
npm/postcss-minify-selectors@5.2.1	None	0	9.51 kB	ludovicofischer
npm/postcss-normalize-charset@5.1.0	None	0	5.06 kB	ludovicofischer
npm/postcss-normalize-display-values@5.1.0	None	0	7 kB	ludovicofischer
npm/postcss-normalize-positions@5.1.1	None	0	8.32 kB	ludovicofischer
npm/postcss-normalize-repeat-style@5.1.1	None	0	7.47 kB	ludovicofischer
npm/postcss-normalize-string@5.1.0	None	0	12.3 kB	ludovicofischer
npm/postcss-normalize-timing-functions@5.1.0	None	0	7.1 kB	ludovicofischer
npm/postcss-normalize-unicode@5.1.1	None	0	5.92 kB	ludovicofischer
npm/postcss-normalize-url@5.1.0	None	0	8.78 kB	ludovicofischer
npm/postcss-normalize-whitespace@5.1.1	None	0	6.6 kB	ludovicofischer
npm/postcss-ordered-values@5.1.3	None	0	28.9 kB	ludovicofischer
npm/postcss-reduce-initial@5.1.2	None	0	16.6 kB	ludovicofischer
npm/postcss-reduce-transforms@5.1.0	None	0	9.87 kB	ludovicofischer
npm/postcss-selector-parser@6.1.2	None	+1	204 kB	evilebottnawi
npm/postcss-svgo@5.1.0	None	0	13.5 kB	ludovicofischer
npm/postcss-unique-selectors@5.1.1	None	0	5.21 kB	ludovicofischer
npm/stylehacks@5.1.1	None	0	30.7 kB	ludovicofischer
npm/svgo@2.8.0	filesystem Transitive: shell	+1	1.12 MB	trysound
npm/update-browserslist-db@1.1.0	environment, filesystem, shell	0	14.8 kB	ai
npm/yaml@1.10.2	environment	0	448 kB	eemeli

🚮 Removed packages: npm/alphanum-sort@1.0.2), npm/browserslist@4.5.2), npm/caller-callsite@2.0.0), npm/caniuse-lite@1.0.30000954), npm/coa@2.0.2), npm/color-string@1.5.3), npm/color@3.1.0), npm/cosmiconfig@5.2.0), npm/css-color-names@0.0.4), npm/css-declaration-sorter@4.0.1), npm/css-select-base-adapter@0.1.1), npm/css-select@2.0.2), npm/css-tree@1.0.0-alpha.28), npm/css-unit-converter@1.1.1), npm/css-url-regex@1.1.0), npm/css-what@2.1.3), npm/cssnano-preset-default@4.0.7), npm/cssnano-util-get-arguments@4.0.0), npm/cssnano-util-get-match@4.0.0), npm/cssnano-util-raw-cache@4.0.1), npm/cssnano-util-same-parent@4.0.1), npm/cssnano@4.1.10), npm/csso@3.5.1), npm/dom-serializer@0.1.1), npm/domelementtype@1.3.1), npm/domutils@1.7.0), npm/electron-to-chromium@1.3.119), npm/entities@1.1.2), npm/hex-color-regex@1.1.0), npm/hsl-regex@1.0.0), npm/hsla-regex@1.0.0), npm/html-comment-regex@1.1.2), npm/import-fresh@2.0.0), npm/indexes-of@1.0.1), npm/is-absolute-url@2.1.0), npm/is-color-stop@1.1.0), npm/is-directory@0.3.1), npm/is-svg@3.0.0), npm/mdn-data@1.1.4), npm/node-releases@1.1.11), npm/normalize-url@3.3.0), npm/nth-check@1.0.2), npm/object.values@1.1.0), npm/postcss-calc@7.0.1), npm/postcss-colormin@4.0.3), npm/postcss-convert-values@4.0.1), npm/postcss-discard-comments@4.0.2), npm/postcss-discard-duplicates@4.0.2), npm/postcss-discard-empty@4.0.1), npm/postcss-discard-overridden@4.0.1), npm/postcss-merge-longhand@4.0.11), npm/postcss-merge-rules@4.0.3), npm/postcss-minify-font-values@4.0.2), npm/postcss-minify-gradients@4.0.2), npm/postcss-minify-params@4.0.2), npm/postcss-minify-selectors@4.0.2), npm/postcss-normalize-charset@4.0.1), npm/postcss-normalize-display-values@4.0.2), npm/postcss-normalize-positions@4.0.2), npm/postcss-normalize-repeat-style@4.0.2), npm/postcss-normalize-string@4.0.2), npm/postcss-normalize-timing-functions@4.0.2), npm/postcss-normalize-unicode@4.0.1), npm/postcss-normalize-url@4.0.1), npm/postcss-normalize-whitespace@4.0.2), npm/postcss-ordered-values@4.1.2), npm/postcss-reduce-initial@4.0.3), npm/postcss-reduce-transforms@4.0.2), npm/postcss-selector-parser@5.0.0), npm/postcss-svgo@4.0.2), npm/postcss-unique-selectors@4.0.1), npm/rgb-regex@1.0.1), npm/rgba-regex@1.0.0), npm/sax@1.2.4), npm/simple-swizzle@0.2.2), npm/stylehacks@4.0.3), npm/svgo@1.2.0), npm/timsort@0.3.0), npm/uniq@1.0.1), npm/uniqs@2.0.0), npm/unquote@1.1.1), npm/util.promisify@1.0.0), npm/vendors@1.0.2)

View full report↗︎