[Snyk] Upgrade postcss from 8.4.25 to 8.5.6

[nerdy-tech-com-gitub]

Snyk has created this PR to upgrade postcss from 8.4.25 to 8.5.6.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 31 versions ahead of your current version.

• The recommended version was released 2 months ago.

Issues fixed by the recommended upgrade:

	Issue	Score	Exploit Maturity
	Regular Expression Denial of Service (ReDoS) SNYK-JS-BABELHELPERS-9397697	140	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-BABELRUNTIME-10044504	140	Proof of Concept
	Incomplete List of Disallowed Inputs SNYK-JS-BABELTRAVERSE-5962462	140	Proof of Concept
	Excessive Platform Resource Consumption within a Loop SNYK-JS-BRACES-6838727	140	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-CROSSSPAWN-8303230	140	Proof of Concept
	Inefficient Regular Expression Complexity SNYK-JS-MICROMATCH-6838728	140	No Known Exploit
	Improper Input Validation SNYK-JS-NANOID-8492085	140	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-BRACEEXPANSION-9789073	140	Proof of Concept

Release notes

Package name: postcss

• 8.5.6 - 2025-06-16
  
  • Fixed ContainerWithChildren type discriminating (by @ Goodwine).
• 8.5.5 - 2025-06-11
  
  • Fixed package.json→exports compatibility with some tools (by @ JounQin).
• 8.5.4 - 2025-05-29
  
  • Fixed Parcel compatibility issue (by @ git-sumitchaudhary).
• 8.5.3 - 2025-02-19
  
  • Added more details to Unknown word error (by @ hiepxanh).
  • Fixed types (by @ romainmenke).
  • Fixed docs (by @ catnipan).
• 8.5.2 - 2025-02-10
  
  • Fixed end position of rules with semicolon (by @ romainmenke).
• 8.5.1 - 2025-01-14
  
  • Fixed backwards compatibility for complex cases (by @ romainmenke).
• 8.5.0 - 2025-01-13
  

  PostCSS 8.5 brought API to work better with non-CSS sources like HTML, Vue.js/Svelte sources or CSS-in-JS.

  @ romainmenke during his work on Stylelint added Input#document in additional to Input#css.

  root.source.input.document //=> "<p>Hello</p>
  // <style>
  // p {
  // color: green;
  // }
  // </style>"
  root.source.input.css //=> "p {
  // color: green;
  // }"
  

  Thanks to Sponsors

  This release was possible thanks to our community.

  If your company wants to support the sustainability of front-end infrastructure or wants to give some love to PostCSS, you can join our supporters by:

  • Tidelift with a Spotify-like subscription model supporting all projects from your lock file.
  • Direct donations at GitHub Sponsors or Open Collective.
• 8.4.49 - 2024-11-11
  
  • Fixed custom syntax without source.offset (by @ romainmenke).
• 8.4.48 - 2024-11-10
  
  • Fixed position calculation in error/warnings methods (by @ romainmenke).
• 8.4.47 - 2024-09-14
  
  • Removed debug code.
• 8.4.46 - 2024-09-14
• 8.4.45 - 2024-09-04
• 8.4.44 - 2024-09-02
• 8.4.43 - 2024-09-01
• 8.4.42 - 2024-08-31
• 8.4.41 - 2024-08-05
• 8.4.40 - 2024-07-24
• 8.4.39 - 2024-06-29
• 8.4.38 - 2024-03-20
• 8.4.37 - 2024-03-19
• 8.4.36 - 2024-03-17
• 8.4.35 - 2024-02-07
• 8.4.34 - 2024-02-05
• 8.4.33 - 2024-01-04
• 8.4.32 - 2023-12-02
• 8.4.31 - 2023-09-28
• 8.4.30 - 2023-09-18
• 8.4.29 - 2023-08-29
• 8.4.28 - 2023-08-15
• 8.4.27 - 2023-07-21
• 8.4.26 - 2023-07-13
• 8.4.25 - 2023-07-06

from postcss GitHub release notes

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• This PR was automatically created by Snyk using the credentials of a real user.
• Max score is 1000. Note that the real score may have changed since the PR was raised.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

• 🧐 View latest project report
• 📜 Customise PR templates
• 🛠 Adjust upgrade PR settings
• 🔕 Ignore this dependency or unsubscribe from future upgrade PRs