[Snyk] Upgrade tailwindcss from 3.3.2 to 3.4.3

[JMARRUJO91]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade tailwindcss from 3.3.2 to 3.4.3.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 9 versions ahead of your current version.

• The recommended version was released 2 months ago, on 2024-03-27.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Missing Release of Resource after Effective Lifetime SNYK-JS-INFLIGHT-6095116	417/1000 Why? Proof of Concept exploit, CVSS 6.2	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: tailwindcss

• 3.4.3 - 2024-03-27
  

  Fixed

  • Revert changes to glob handling (#13384)
• 3.4.2 - 2024-03-27
  

  Fixed

  • Ensure max specificity of 0,0,1 for button and input Preflight rules (#12735)
  • Improve glob handling for folders with (, ), [ or ] in the file path (#12715)
  • Split :has rules when using experimental.optimizeUniversalDefaults (#12736)
  • Sort arbitrary properties alphabetically across multiple class lists (#12911)
  • Add mix-blend-plus-darker utility (#12923)
  • Ensure dashes are allowed in variant modifiers (#13303)
  • Fix crash showing completions in Intellisense when using a custom separator (#13306)
  • Transpile import.meta.url in config files (#13322)
  • Reset letter spacing for form elements (#13150)
  • Fix missing xx-large and remove double x-large absolute size (#13324)
  • Don't error when encountering nested CSS unless trying to @ apply a class that uses nesting (#13325)
  • Ensure that arbitrary properties respect important configuration (#13353)
  • Change dark mode selector so @ apply works correctly with pseudo elements (#13379)
• 3.4.1 - 2024-01-05
  

  Fixed

  • Don't remove keyframe stops when using important utilities (#12639)
  • Don't add spaces to gradients and grid track names when followed by calc() (#12704)
  • Restore old behavior for class dark mode strategy (#12717)

  Added

  • Add new selector and variant strategies for dark mode (#12717)

  Changed

  • Support rtl and ltr variants on same element as dir attribute (#12717)
• 3.4.0 - 2023-12-19
  

  

  Tailwind CSS v3.4 has arrived! Check out the announcement post for a guided tour through all of the highlights.

  Added

  • Add svh, lvh, and dvh values to default height/min-height/max-height theme (#11317)
  • Add has-* variants for :has(...) pseudo-class (#11318)
  • Add text-wrap utilities including text-balance and text-pretty (#11320, #12031)
  • Extend default opacity scale to include all steps of 5 (#11832)
  • Update Preflight html styles to include shadow DOM :host pseudo-class (#11200)
  • Increase default values for grid-rows-* utilities from 1–6 to 1–12 (#12180)
  • Add size-* utilities (#12287)
  • Add utilities for CSS subgrid (#12298)
  • Add spacing scale to min-w-*, min-h-*, and max-w-* utilities (#12300)
  • Add forced-color-adjust utilities (#11931)
  • Add forced-colors variant (#11694, #12582)
  • Add appearance-auto utility (#12404)
  • Add logical property values for float and clear utilities (#12480)
  • Add * variant for targeting direct children (#12551)

  Changed

  • Simplify the sans font-family stack (#11748)
  • Disable the tap highlight overlay on iOS (#12299)
  • Improve relative precedence of rtl, ltr, forced-colors, and dark variants (#12584)
• 3.3.7 - 2023-12-18
  

  Fixed

  • Fix support for container query utilities with arbitrary values (#12534)
  • Fix custom config loading in Standalone CLI (#12616)
• 3.3.6 - 2023-12-04
  

  Fixed

  • Don’t add spaces to negative numbers following a comma (#12324)
  • Don't emit @ config in CSS when watching via the CLI (#12327)
  • Improve types for resolveConfig (#12272)
  • Ensure configured font-feature-settings for mono are included in Preflight (#12342)
  • Improve candidate detection in minified JS arrays (without spaces) (#12396)
  • Don't crash when given applying a variant to a negated version of a simple utility (#12514)
  • Fix support for slashes in arbitrary modifiers (#12515)
  • Fix source maps of variant utilities that come from an @ layer rule (#12508)
  • Fix loading of built-in plugins when using an ESM or TypeScript config with the Standalone CLI (#12506)
• 3.3.5 - 2023-10-25
  

  Fixed

  • Fix incorrect spaces around - in calc() expression (#12283)
• 3.3.4 - 2023-10-24
  

  Fixed

  • Improve normalisation of calc()-like functions (#11686)
  • Skip calc() normalisation in nested theme() calls (#11705)
  • Fix incorrectly generated CSS when using square brackets inside arbitrary properties (#11709)
  • Make content optional for presets in TypeScript types (#11730)
  • Handle variable colors that have variable fallback values (#12049)
  • Batch reading content files to prevent too many open files error (#12079)
  • Skip over classes inside :not(…) when nested in an at-rule (#12105)
  • Update types to work with Node16 module resolution (#12097)
  • Don’t crash when important and parent selectors are equal in @ apply (#12112)
  • Eliminate irrelevant rules when applying variants (#12113)
  • Improve RegEx parser, reduce possibilities as the key for arbitrary properties (#12121)
  • Fix sorting of utilities that share multiple candidates (#12173)
  • Ensure variants with arbitrary values and a modifier are correctly matched in the RegEx based parser (#12179)
  • Fix crash when watching renamed files on FreeBSD (#12193)
  • Allow plugins from a parent document to be used in an iframe (#12208)
  • Add types for tailwindcss/nesting (#12269)
  • Bump jiti, fast-glob, and browserlist dependencies (#11550)
  • Improve automatic var injection for properties that accept a <dashed-ident> (#12236)
• 3.3.3 - 2023-07-13
  

  Fixed

  • Fix issue where some pseudo-element variants generated the wrong selector (#10943, #10962, #11111)
  • Make font settings propagate into buttons, inputs, etc. (#10940)
  • Fix parsing of theme() inside calc() when there are no spaces around operators (#11157)
  • Ensure repeating-conic-gradient is detected as an image (#11180)
  • Move unknown pseudo-elements outside of :is by default (#11345)
  • Escape animation names when prefixes contain special characters (#11470)
  • Don't prefix arbitrary classes in group and peer variants (#11454)
  • Sort classes using position of first matching rule (#11504)
  • Allow variant to be an at-rule without a prelude (#11589)
  • Make PostCSS plugin async to improve performance (#11548)
  • Don’t error when a config file is missing (f97759f)

  Added

  • Add aria-busy utility (#10966)

  Changed

  • Reset padding for <dialog> elements in preflight (#11069)
• 3.3.2 - 2023-04-25
  

  Fixed

  • Don’t move unknown pseudo-elements to the end of selectors (#10943, #10962)
  • Inherit gradient stop positions when using variants (#11002)
  • Honor default to position of gradient when using implicit transparent colors (#11002)
  • Ensure @ tailwindcss/oxide doesn't leak in the stable engine (#10988)
  • Ensure multiple theme(spacing[5]) calls with bracket notation in arbitrary properties work (#11039)
  • Normalize arbitrary modifiers (#11057)

  Changed

  • Drop support for Node.js v12 (#11089)

from tailwindcss GitHub release notes

Commit messages

Package name: tailwindcss

• f1f419a 3.4.3
• e6c1082 Revert changes to glob handling (#13384)
• 8430d8b 3.4.2
• 8b4a2a6 Change dark selector so `@ apply` works correctly with pseudo elements (#13379)
• 97607f1 Ensure that arbitrary properties respect `important` configuration (#13353)
• c033f10 Update CHANGELOG.md
• bda8421 Only detect nesting when using `@ apply` (#13325)
• 3ba51d1 Remove leading space in `box-shadow`'s `addDefaults` call (#13334)
• a53d854 Fix missing `xx-large` and remove double `x-large` absolute size (#13324)
• ea90d3a Reset letter spacing for form elements (#13150)
• b10b431 Transpile `import.meta.url` in config files (#13322)
• 44b3b42 Cleanup oxide — Part #2 (#13312)
• c28c718 Update esbuild to version 0.20.2 (#13315)
• 27e4b65 Fix crash showing completions in Intellisense when using a custom separator (#13306)
• 9b90c53 Cleanup oxide — Part #1 (#13304)
• d56d241 Ensure dashes are allowed in variant modifiers (#13303)
• 41e94eb Add missing `workflow_dispatch` (#13302)
• 3eb8cab 🚨 [security] Update vite 4.3.2 → 5.1.6 (major) (#13287)
• 3a466bc Update rollup to version 4.13.0 (#13279)
• 41c90f6 Update sass to version 1.72.0 (#13296)
• f5408d6 Fix failing integration tests in CI (#13300)
• d86fd0b CI: Add provenance to all published packages (#13097)
• de00a62 Update contributing
• 4429ab8 Update CHANGELOG.md 3.4.1 release date (#13024)

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Note: This is a default PR template raised by Snyk. Find out more about how you can customise Snyk PRs in our documentation.

[sonarcloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
0.0% Duplication on New Code

See analysis details on SonarCloud