Skip to content

Bump postcss and styled-components in /extensions/ql-vscode#4377

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/extensions/ql-vscode/multi-d9c663d430
Open

Bump postcss and styled-components in /extensions/ql-vscode#4377
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/extensions/ql-vscode/multi-d9c663d430

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Apr 24, 2026

Bumps postcss to 8.5.10 and updates ancestor dependency styled-components. These dependencies need to be updated together.

Updates postcss from 8.5.6 to 8.5.10

Release notes

Sourced from postcss's releases.

8.5.10

  • Fixed XSS via unescaped </style> in non-bundler cases (by @​TharVid).

8.5.9

  • Speed up source map encoding paring in case of the error.

8.5.8

  • Fixed Processor#version.

8.5.7

  • Improved source map annotation cleaning performance (by CodeAnt AI).
Changelog

Sourced from postcss's changelog.

8.5.10

  • Fixed XSS via unescaped </style> in non-bundler cases (by @​TharVid).

8.5.9

  • Speed up source map encoding paring in case of the error.

8.5.8

  • Fixed Processor#version.

8.5.7

  • Improved source map annotation cleaning performance (by CodeAnt AI).
Commits

Updates styled-components from 6.1.13 to 6.4.1

Release notes

Sourced from styled-components's releases.

styled-components@6.4.1

Patch Changes

  • 49d09ae: Fix a performance regression in 6.4.0 where dynamic createGlobalStyle components caused significant re-render slowdowns. Also restores pre-6.4 cascade ordering when multiple instances of the same createGlobalStyle coexist.
  • eca95b2: Fix outdated dev-mode error messages for keyframes-in-untagged-strings and component-selector references that still pointed at www.styled-components.com and described behavior from styled-components v3.

styled-components@6.4.1-prerelease-20260417184545

Full Changelog: https://github.com/styled-components/styled-components/compare/styled-components@6.4.1-prerelease-20260417184031...styled-components@6.4.1-prerelease-20260417184545

styled-components@6.4.1-prerelease-20260417184031

What's Changed

Full Changelog: https://github.com/styled-components/styled-components/compare/styled-components@6.4.0...styled-components@6.4.1-prerelease-20260417184031

styled-components@6.4.0

Minor Changes

  • b0f3d29: .attrs() improvements: props supplied via attrs are now automatically made optional on the resulting component (previously required even when attrs provided a default). Also fixes a bug where the attrs callback received a mutable props object that could be changed by subsequent attrs processing; it now receives an immutable snapshot.

  • 2a973d8: Dropped IE11 support: ES2015 build target, inlined unitless CSS properties (removing @​emotion/unitless dependency), removed legacy React class statics from hoist and other unnecessary code.

  • 9e07d95: Add createTheme(defaultTheme, options?) for CSS variable theming that works across RSC and client components.

    Returns an object with the same shape where every leaf is var(--prefix-path, fallback). Pass it to ThemeProvider for stable class name hashes across themes (no hydration mismatch on light/dark switch).

    const theme = createTheme({ colors: { primary: '#0070f3' } });
// theme.colors.primary → "var(--sc-colors-primary, #0070f3)"
// theme.raw → original object
// theme.vars.colors.primary → "--sc-colors-primary"
// theme.resolve(el?) → computed values from DOM (client-only)
// theme.GlobalStyle → component that emits CSS var declarations

    vars exposes bare CSS custom property names (same shape as the theme) for use in createGlobalStyle dark mode overrides without hand-writing variable names:

    const { vars } = createTheme({ colors: { bg: '#fff', text: '[#000](https://github.com/styled-components/styled-components/issues/000)' } });
const DarkOverrides = createGlobalStyle@media (prefers-color-scheme: dark) { :root { ${vars.colors.bg}: [#111](https://github.com/styled-components/styled-components/issues/111); ${vars.colors.text}: #eee; } };

... (truncated)

Commits
  • 37a0a5e Version Packages
  • 2f1a3fb ci: per-package prerelease notes with progression link [skip ci]
  • fea4919 ci: match prerelease notes to release job format [skip ci]
  • e557e11 style: align prerelease job formatting with release job
  • a3dee6d ci: collapse prerelease workflow into release.yml
  • 52bda0c chore: add husky pre-commit hook running prettier
  • eca95b2 chore: add changeset for stale error message fix
  • c8db03c fix(build): emit errors.ts from generator so compiled bundle matches errors.md
  • 45e4b84 docs(agents): drop duplicated Float and new Array rules
  • 368fb93 docs: drop v3/v4 history from keyframes untagged-string error
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for styled-components since your current version.


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump postcss and styled-components in /extensions/ql-vscode
34064ca 
Bumps [postcss](https://github.com/postcss/postcss) to 8.5.10 and updates ancestor dependency [styled-components](https://github.com/styled-components/styled-components). These dependencies need to be updated together.


Updates `postcss` from 8.5.6 to 8.5.10
- [Release notes](https://github.com/postcss/postcss/releases)
- [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md)
- [Commits](postcss/postcss@8.5.6...8.5.10)

Updates `styled-components` from 6.1.13 to 6.4.1
- [Release notes](https://github.com/styled-components/styled-components/releases)
- [Commits](https://github.com/styled-components/styled-components/compare/v6.1.13...styled-components@6.4.1)

---
updated-dependencies:
- dependency-name: postcss
  dependency-version: 8.5.10
  dependency-type: indirect
- dependency-name: styled-components
  dependency-version: 6.4.1
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added the Update dependencies Dependabot update PRs label Apr 24, 2026
@dependabot dependabot Bot requested a review from a team as a code owner April 24, 2026 15:35
@dependabot dependabot Bot added the Update dependencies Dependabot update PRs label Apr 24, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

Update dependencies Dependabot update PRs

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants