[Snyk] Security upgrade analyze-css from 0.12.5 to 2.1.89

[hemanth]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	661/1000 Why? Recently disclosed, Has a fix available, CVSS 7.5	Missing Release of Resource after Effective Lifetime SNYK-JS-INFLIGHT-6095116	Yes	No Known Exploit
	506/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 3.7	Prototype Pollution SNYK-JS-MINIMIST-2429795	No	Proof of Concept
	601/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.6	Prototype Pollution SNYK-JS-MINIMIST-559764	No	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: analyze-css

The new version differs by 250 commits.

• ad160e7 Merge pull request #787 from macbre/prefixes-update
• b82bbf8 2.1.89
• 3329cfc Updating rules/prefixes.json with autoprefixer 10.4.14 and browserslist 4.21.5
• 183c655 Merge pull request #785 from macbre/dependabot/npm_and_yarn/sass-1.59.3
• 5cdefd7 build(deps): bump sass from 1.59.2 to 1.59.3
• 3544a0c Merge pull request #720 from macbre/dependabot/npm_and_yarn/onecolor-4.0.0
• ae4e1b1 Adjust the test aften the onecolor upgrade
• e02fe1a build(deps): bump onecolor from 3.1.0 to 4.0.0
• 6ce8f08 Merge pull request #784 from macbre/dependabot/npm_and_yarn/glob-9.3.0
• 8530b58 build(deps): bump glob from 8.1.0 to 9.3.0
• ef43b48 Merge pull request #782 from macbre/dependabot/npm_and_yarn/node-fetch-3.3.1
• c1a4f3c build(deps): bump node-fetch from 3.3.0 to 3.3.1
• d89e8e6 Merge pull request #783 from macbre/dependabot/npm_and_yarn/eslint-8.36.0
• 87bb66a build(deps-dev): bump eslint from 8.35.0 to 8.36.0
• 06b2866 Merge pull request #781 from macbre/dependabot/npm_and_yarn/check-dts-0.7.1
• a8f17e5 build(deps-dev): bump check-dts from 0.7.0 to 0.7.1
• 5b34d4e Merge pull request #780 from macbre/dependabot/npm_and_yarn/sass-1.59.2
• d07e591 build(deps): bump sass from 1.58.3 to 1.59.2
• 09f9e0d Merge pull request #779 from macbre/prefixes-update
• 920ff4b 2.1.88
• 0f351be Updating rules/prefixes.json with autoprefixer 10.4.14 and browserslist 4.21.5
• f31959e Merge pull request #778 from macbre/dependabot/npm_and_yarn/autoprefixer-10.4.14
• 0945711 build(deps-dev): bump autoprefixer from 10.4.13 to 10.4.14
• 42a8bff Merge pull request #777 from macbre/dependabot/npm_and_yarn/jest-29.5.0

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Prototype Pollution