fix: packages/@vuepress/core/package.json to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-POSTCSS-5926692
sgmelayu · Oct 1, 2023 · 942f31d · 942f31d
1 parent 4e206a2
commit 942f31d
Showing 1 changed file with 5 additions and 5 deletions.
diff --git a/packages/@vuepress/core/package.json b/packages/@vuepress/core/package.json
@@ -30,23 +30,23 @@
     "@vuepress/plugin-last-updated": "1.8.2",
     "@vuepress/plugin-register-components": "1.8.2",
     "@vuepress/shared-utils": "1.8.2",
-    "autoprefixer": "^9.5.1",
+    "autoprefixer": "^10.0.0",
     "babel-loader": "^8.0.4",
     "cache-loader": "^3.0.0",
     "chokidar": "^2.0.3",
     "connect-history-api-fallback": "^1.5.0",
     "copy-webpack-plugin": "^5.0.2",
     "core-js": "^3.6.4",
     "cross-spawn": "^6.0.5",
-    "css-loader": "^2.1.1",
+    "css-loader": "^5.0.0",
     "file-loader": "^3.0.1",
     "js-yaml": "^3.13.1",
     "lru-cache": "^5.1.1",
     "mini-css-extract-plugin": "0.6.0",
-    "optimize-css-assets-webpack-plugin": "^5.0.1",
+    "optimize-css-assets-webpack-plugin": "^6.0.0",
     "portfinder": "^1.0.13",
-    "postcss-loader": "^3.0.0",
-    "postcss-safe-parser": "^4.0.1",
+    "postcss-loader": "^4.0.0",
+    "postcss-safe-parser": "^5.0.0",
     "toml": "^3.0.0",
     "url-loader": "^1.0.1",
     "vue": "^2.6.10",