Bump puma from 6.5.0 to 7.2.0

Bumps [puma](https://github.com/puma/puma) from 6.5.0 to 7.2.0. - [Release notes](https://github.com/puma/puma/releases) - [Changelog](https://github.com/puma/puma/blob/main/History.md) - [Commits](https://github.com/puma/puma/compare/v6.5.0...v7.2.0) --- updated-dependencies: - dependency-name: puma dependency-version: 7.2.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Merge pull request #14025 from openfoodfoundation/dependabot/npm_and_yarn/webpack-5.105.4
2026-03-14 04:04:23 +00:00 · 2026-03-13 09:33:46 +00:00 · 2026-03-13 11:07:34 +11:00 · 2026-03-13 09:33:03 +11:00 · 2026-03-13 09:30:32 +11:00 · 2026-03-12 17:36:40 +00:00
5 changed files with 59 additions and 52 deletions
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -185,8 +185,8 @@ GEM
    ast (2.4.3)
    attr_required (1.0.2)
    aws-eventstream (1.4.0)
-    aws-partitions (1.1196.0)
-    aws-sdk-core (3.240.0)
+    aws-partitions (1.1223.0)
+    aws-sdk-core (3.243.0)
      aws-eventstream (~> 1, >= 1.3.0)
      aws-partitions (~> 1, >= 1.992.0)
      aws-sigv4 (~> 1.9)
@@ -194,11 +194,11 @@ GEM
      bigdecimal
      jmespath (~> 1, >= 1.6.1)
      logger
-    aws-sdk-kms (1.118.0)
-      aws-sdk-core (~> 3, >= 3.239.1)
+    aws-sdk-kms (1.122.0)
+      aws-sdk-core (~> 3, >= 3.241.4)
      aws-sigv4 (~> 1.5)
-    aws-sdk-s3 (1.208.0)
-      aws-sdk-core (~> 3, >= 3.234.0)
+    aws-sdk-s3 (1.213.0)
+      aws-sdk-core (~> 3, >= 3.241.4)
      aws-sdk-kms (~> 1)
      aws-sigv4 (~> 1.5)
    aws-sigv4 (1.12.1)
@@ -342,14 +342,14 @@ GEM
      websocket-driver (~> 0.7)
    ffaker (2.25.0)
    ffi (1.17.3)
-    flipper (1.3.6)
+    flipper (1.4.0)
      concurrent-ruby (< 2)
-    flipper-active_record (1.3.6)
+    flipper-active_record (1.4.0)
      activerecord (>= 4.2, < 9)
-      flipper (~> 1.3.6)
-    flipper-ui (1.3.6)
+      flipper (~> 1.4.0)
+    flipper-ui (1.4.0)
      erubi (>= 1.0.0, < 2.0.0)
-      flipper (~> 1.3.6)
+      flipper (~> 1.4.0)
      rack (>= 1.4, < 4)
      rack-protection (>= 1.5.3, < 5.0.0)
      rack-session (>= 1.0.2, < 3.0.0)
@@ -613,7 +613,7 @@ GEM
      eventmachine_httpserver
      http_parser.rb (~> 0.8.0)
      multi_json
-    puma (6.5.0)
+    puma (7.2.0)
      nio4r (~> 2.0)
    query_count (1.1.1)
      activerecord (>= 4.2)
--- a/app/models/spree/ability.rb
+++ b/app/models/spree/ability.rb
@@ -315,7 +315,8 @@ module Spree

      can [:create], Spree::Order

-      can [:read, :update], Spree::Order do |order|
+      # Spree::Admin::PaymentController need to load the order to credit_customer
+      can [:read, :update, :credit_customer], Spree::Order do |order|
        # We allow editing orders with a nil distributor as this state occurs
        # during the order creation process from the admin backend
        order.distributor.nil? ||
@@ -367,7 +368,7 @@ module Spree
          can_edit_as_producer(shipment.order, user)
      end

-      can [:admin, :index, :read, :create, :edit, :update, :fire], Spree::Payment
+      can [:admin, :index, :read, :create, :edit, :update, :fire, :credit_customer], Spree::Payment
      can [:admin, :index, :read, :create, :edit, :update, :fire], Spree::Adjustment
      can [:admin, :index, :read, :create, :edit, :update, :fire], Spree::ReturnAuthorization
      can [:destroy], Spree::Adjustment do |adjustment|
--- a/spec/models/spree/ability_spec.rb
+++ b/spec/models/spree/ability_spec.rb
@@ -634,6 +634,11 @@ RSpec.describe Spree::Ability do
                                    for: Spree::Payment)
      end

+      it "is able to credit a customer" do
+        is_expected.to have_ability([:credit_customer], for: Spree::Order)
+        is_expected.to have_ability([:credit_customer], for: Spree::Payment)
+      end
+
      it "should be able to read/write Shipments on a product" do
        is_expected.to have_ability([:admin, :index, :read, :create, :edit, :update, :fire],
                                    for: Spree::Shipment)
@@ -697,6 +702,10 @@ RSpec.describe Spree::Ability do
        is_expected.to have_ability([:admin, :index, :update], for: Customer)
      end

+      it "is able to read/write customer account transaction" do
+        is_expected.to have_ability([:admin, :index, :create], for: CustomerAccountTransaction)
+      end
+
      context "for a given order_cycle" do
        let!(:order_cycle) { create(:simple_order_cycle, coordinator: d2) }
        let!(:exchange){
--- a/spec/requests/spree/admin/payments_spec.rb
+++ b/spec/requests/spree/admin/payments_spec.rb
@@ -1,11 +1,11 @@
 # frozen_string_literal: true

 RSpec.describe Spree::Admin::PaymentsController do
-  let(:user) { order.user }
  let(:order) { create(:completed_order_with_fees) }
+  let(:user) { create(:enterprise_user, enterprises: [order.distributor]) }

  before do
-    sign_in create(:admin_user)
+    sign_in user
  end

  describe "POST /admin/orders/:order_number/payments.json" do
@@ -369,8 +369,6 @@ RSpec.describe Spree::Admin::PaymentsController do

    before do
      allow(customer_credit_service_mock).to receive(:apply)
-      # order setup will call Orders::CustomerCreditService once
-      expect(Orders::CustomerCreditService).to receive(:new).and_call_original
      expect(Orders::CustomerCreditService).to receive(:new).and_return(
        customer_credit_service_mock
      )
--- a/yarn.lock
+++ b/yarn.lock
@@ -1376,25 +1376,25 @@
  dependencies:
    tslib "^2.4.0"

-"@floating-ui/core@^1.7.4":
-  version "1.7.4"
-  resolved "https://registry.yarnpkg.com/@floating-ui/core/-/core-1.7.4.tgz#4a006a6e01565c0f87ba222c317b056a2cffd2f4"
-  integrity sha512-C3HlIdsBxszvm5McXlB8PeOEWfBhcGBTZGkGlWc2U0KFY5IwG5OQEuQ8rq52DZmcHDlPLd+YFBK+cZcytwIFWg==
+"@floating-ui/core@^1.7.5":
+  version "1.7.5"
+  resolved "https://registry.yarnpkg.com/@floating-ui/core/-/core-1.7.5.tgz#d4af157a03330af5a60e69da7a4692507ada0622"
+  integrity sha512-1Ih4WTWyw0+lKyFMcBHGbb5U5FtuHJuujoyyr5zTaWS5EYMeT6Jb2AuDeftsCsEuchO+mM2ij5+q9crhydzLhQ==
  dependencies:
-    "@floating-ui/utils" "^0.2.10"
+    "@floating-ui/utils" "^0.2.11"

 "@floating-ui/dom@*":
-  version "1.7.5"
-  resolved "https://registry.yarnpkg.com/@floating-ui/dom/-/dom-1.7.5.tgz#60bfc83a4d1275b2a90db76bf42ca2a5f2c231c2"
-  integrity sha512-N0bD2kIPInNHUHehXhMke1rBGs1dwqvC9O9KYMyyjK7iXt7GAhnro7UlcuYcGdS/yYOlq0MAVgrow8IbWJwyqg==
+  version "1.7.6"
+  resolved "https://registry.yarnpkg.com/@floating-ui/dom/-/dom-1.7.6.tgz#f915bba5abbb177e1f227cacee1b4d0634b187bf"
+  integrity sha512-9gZSAI5XM36880PPMm//9dfiEngYoC6Am2izES1FF406YFsjvyBMmeJ2g4SAju3xWwtuynNRFL2s9hgxpLI5SQ==
  dependencies:
-    "@floating-ui/core" "^1.7.4"
-    "@floating-ui/utils" "^0.2.10"
+    "@floating-ui/core" "^1.7.5"
+    "@floating-ui/utils" "^0.2.11"

-"@floating-ui/utils@^0.2.10":
-  version "0.2.10"
-  resolved "https://registry.yarnpkg.com/@floating-ui/utils/-/utils-0.2.10.tgz#a2a1e3812d14525f725d011a73eceb41fef5bc1c"
-  integrity sha512-aGTxbpbg8/b5JfU1HXSrbH3wXZuLPJcNEcZQFMxLs3oSzgtVu6nFPkbbGGUvBcUjKV2YyB9Wxxabo+HEH9tcRQ==
+"@floating-ui/utils@^0.2.11":
+  version "0.2.11"
+  resolved "https://registry.yarnpkg.com/@floating-ui/utils/-/utils-0.2.11.tgz#a269e055e40e2f45873bae9d1a2fdccbd314ea3f"
+  integrity sha512-RiB/yIh78pcIxl6lLMG0CgBXAZ2Y0eVHqMPYugu+9U0AeT6YBeiJpf7lbdJNIugFP5SIjwNRgo4DhR1Qxi26Gg==

 "@googlemaps/js-api-loader@^1.16.6":
  version "1.16.10"
@@ -3513,10 +3513,10 @@ engine.io@~6.6.0:
    engine.io-parser "~5.2.1"
    ws "~8.17.1"

-enhanced-resolve@^5.19.0:
-  version "5.19.0"
-  resolved "https://registry.yarnpkg.com/enhanced-resolve/-/enhanced-resolve-5.19.0.tgz#6687446a15e969eaa63c2fa2694510e17ae6d97c"
-  integrity sha512-phv3E1Xl4tQOShqSte26C7Fl84EwUdZsyOuSSk9qtAGyyQs2s3jJzComh+Abf4g187lUUAvH+H26omrqia2aGg==
+enhanced-resolve@^5.20.0:
+  version "5.20.0"
+  resolved "https://registry.yarnpkg.com/enhanced-resolve/-/enhanced-resolve-5.20.0.tgz#323c2a70d2aa7fb4bdfd6d3c24dfc705c581295d"
+  integrity sha512-/ce7+jQ1PQ6rVXwe+jKEg5hW5ciicHwIQUagZkp6IufBoY3YDgdTTY1azVs0qoRgVmvsNB+rbjLJxDAeHHtwsQ==
  dependencies:
    graceful-fs "^4.2.4"
    tapable "^2.3.0"
@@ -6015,9 +6015,9 @@ postcss-value-parser@^4.0.0, postcss-value-parser@^4.1.0, postcss-value-parser@^
  integrity sha512-1NNCs6uurfkVbeXG4S8JFT9t19m45ICnif8zWLd5oPSZ50QnwMfK+H3jv408d4jw/7Bttv5axS5IiHoLaVNHeQ==

 postcss@^8.4.40, postcss@^8.5.6:
-  version "8.5.6"
-  resolved "https://registry.yarnpkg.com/postcss/-/postcss-8.5.6.tgz#2825006615a619b4f62a9e7426cc120b349a8f3c"
-  integrity sha512-3Ybi1tAuwAP9s0r1UQ2J4n5Y0G05bJkpUIO0/bI9MhwmD70S5aTWbXGBwxHrelT+XM1k6dM0pk+SwNkpTRN7Pg==
+  version "8.5.8"
+  resolved "https://registry.yarnpkg.com/postcss/-/postcss-8.5.8.tgz#6230ecc8fb02e7a0f6982e53990937857e13f399"
+  integrity sha512-OW/rX8O/jXnm82Ey1k44pObPtdblfiuWnrd8X7GJ7emImCOstunGbXUpp7HdBrFQX6rJzn3sPT397Wp5aCwCHg==
  dependencies:
    nanoid "^3.3.11"
    picocolors "^1.1.1"
@@ -6994,15 +6994,14 @@ tapable@^2.2.1, tapable@^2.3.0:
  resolved "https://registry.yarnpkg.com/tapable/-/tapable-2.3.0.tgz#7e3ea6d5ca31ba8e078b560f0d83ce9a14aa8be6"
  integrity sha512-g9ljZiwki/LfxmQADO3dEY1CbpmXT5Hm2fJ+QaGKwSXUylMybePR7/67YW7jOrrvjEgL1Fmz5kzyAjWVWLlucg==

-terser-webpack-plugin@^5.3.16:
-  version "5.3.16"
-  resolved "https://registry.yarnpkg.com/terser-webpack-plugin/-/terser-webpack-plugin-5.3.16.tgz#741e448cc3f93d8026ebe4f7ef9e4afacfd56330"
-  integrity sha512-h9oBFCWrq78NyWWVcSwZarJkZ01c2AyGrzs1crmHZO3QUg9D61Wu4NPjBy69n7JqylFF5y+CsUZYmYEIZ3mR+Q==
+terser-webpack-plugin@^5.3.16, terser-webpack-plugin@^5.3.17:
+  version "5.4.0"
+  resolved "https://registry.yarnpkg.com/terser-webpack-plugin/-/terser-webpack-plugin-5.4.0.tgz#95fc4cf4437e587be11ecf37d08636089174d76b"
+  integrity sha512-Bn5vxm48flOIfkdl5CaD2+1CiUVbonWQ3KQPyP7/EuIl9Gbzq/gQFOzaMFUEgVjB1396tcK0SG8XcNJ/2kDH8g==
  dependencies:
    "@jridgewell/trace-mapping" "^0.3.25"
    jest-worker "^27.4.5"
    schema-utils "^4.3.0"
-    serialize-javascript "^6.0.2"
    terser "^5.31.1"

 terser@^5.31.1:
@@ -7086,9 +7085,9 @@ tr46@^5.1.0:
    punycode "^2.3.1"

 trix@*:
-  version "2.1.16"
-  resolved "https://registry.yarnpkg.com/trix/-/trix-2.1.16.tgz#601be839258b87cc83019915650c50eb7cbc161e"
-  integrity sha512-XtZgWI+oBvLzX7CWnkIf+ZWC+chL+YG/TkY43iMTV0Zl+CJjn18B1GJUCEWJ8qgfpcyMBuysnNAfPWiv2sV14A==
+  version "2.1.17"
+  resolved "https://registry.yarnpkg.com/trix/-/trix-2.1.17.tgz#a47c4ee1925a7abb26aee5c094ec7ef9fe49575a"
+  integrity sha512-nkHg7VgIItGVx1CFA645dDlAoCgah+9gv80Yc+97aS8jkZmO5K4MxkSqmU9t/C8upqZB8uhfJs90epoDfYz/6Q==
  dependencies:
    dompurify "^3.2.5"

@@ -7376,9 +7375,9 @@ webpack-sources@^3.3.3, webpack-sources@^3.3.4:
  integrity sha512-7tP1PdV4vF+lYPnkMR0jMY5/la2ub5Fc/8VQrrU+lXkiM6C4TjVfGw7iKfyhnTQOsD+6Q/iKw0eFciziRgD58Q==

 webpack@^5.104.0:
-  version "5.105.3"
-  resolved "https://registry.yarnpkg.com/webpack/-/webpack-5.105.3.tgz#307ad95bafffd08bc81049d6519477b16e42e7ba"
-  integrity sha512-LLBBA4oLmT7sZdHiYE/PeVuifOxYyE2uL/V+9VQP7YSYdJU7bSf7H8bZRRxW8kEPMkmVjnrXmoR3oejIdX0xbg==
+  version "5.105.4"
+  resolved "https://registry.yarnpkg.com/webpack/-/webpack-5.105.4.tgz#1b77fcd55a985ac7ca9de80a746caffa38220169"
+  integrity sha512-jTywjboN9aHxFlToqb0K0Zs9SbBoW4zRUlGzI2tYNxVYcEi/IPpn+Xi4ye5jTLvX2YeLuic/IvxNot+Q1jMoOw==
  dependencies:
    "@types/eslint-scope" "^3.7.7"
    "@types/estree" "^1.0.8"
@@ -7390,7 +7389,7 @@ webpack@^5.104.0:
    acorn-import-phases "^1.0.3"
    browserslist "^4.28.1"
    chrome-trace-event "^1.0.2"
-    enhanced-resolve "^5.19.0"
+    enhanced-resolve "^5.20.0"
    es-module-lexer "^2.0.0"
    eslint-scope "5.1.1"
    events "^3.2.0"
@@ -7402,7 +7401,7 @@ webpack@^5.104.0:
    neo-async "^2.6.2"
    schema-utils "^4.3.3"
    tapable "^2.3.0"
-    terser-webpack-plugin "^5.3.16"
+    terser-webpack-plugin "^5.3.17"
    watchpack "^2.5.1"
    webpack-sources "^3.3.4"
Author	SHA1	Message	Date
dependabot[bot]	fcb3b67efb	Bump puma from 6.5.0 to 7.2.0 Bumps [puma](https://github.com/puma/puma) from 6.5.0 to 7.2.0. - [Release notes](https://github.com/puma/puma/releases) - [Changelog](https://github.com/puma/puma/blob/main/History.md) - [Commits](https://github.com/puma/puma/compare/v6.5.0...v7.2.0) --- updated-dependencies: - dependency-name: puma dependency-version: 7.2.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2026-03-13 09:33:46 +00:00
Gaetan Craig-Riou	50c0c3f0b6	Merge pull request #14025 from openfoodfoundation/dependabot/npm_and_yarn/webpack-5.105.4 Bump webpack from 5.105.3 to 5.105.4	2026-03-13 11:07:34 +11:00
Maikel	6d65607e3b	Merge pull request #14022 from rioug/14014-manual-credit-customer-authorization [Payment with Credit] Fix manual crediting customer	2026-03-13 09:33:03 +11:00
Maikel	43134223ca	Merge pull request #14039 from openfoodfoundation/dependabot/npm_and_yarn/trix-2.1.17 Bump trix from 2.1.16 to 2.1.17	2026-03-13 09:30:32 +11:00
dependabot[bot]	8510a3c70d	Bump trix from 2.1.16 to 2.1.17 Bumps [trix](https://github.com/basecamp/trix) from 2.1.16 to 2.1.17. - [Release notes](https://github.com/basecamp/trix/releases) - [Commits](https://github.com/basecamp/trix/compare/v2.1.16...v2.1.17) --- updated-dependencies: - dependency-name: trix dependency-version: 2.1.17 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>	2026-03-12 17:36:40 +00:00
dependabot[bot]	80ffcb9074	Bump webpack from 5.105.3 to 5.105.4 Bumps [webpack](https://github.com/webpack/webpack) from 5.105.3 to 5.105.4. - [Release notes](https://github.com/webpack/webpack/releases) - [Changelog](https://github.com/webpack/webpack/blob/main/CHANGELOG.md) - [Commits](https://github.com/webpack/webpack/compare/v5.105.3...v5.105.4) --- updated-dependencies: - dependency-name: webpack dependency-version: 5.105.4 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2026-03-12 01:44:14 +00:00
Maikel	cdd6c0f66c	Merge pull request #14026 from openfoodfoundation/dependabot/bundler/aws-sdk-s3-1.213.0 Bump aws-sdk-s3 from 1.208.0 to 1.213.0	2026-03-12 12:44:11 +11:00
Maikel	ebc7dc9bcf	Merge pull request #14024 from openfoodfoundation/dependabot/npm_and_yarn/terser-webpack-plugin-5.3.17 Bump terser-webpack-plugin from 5.3.16 to 5.3.17	2026-03-12 12:42:08 +11:00
dependabot[bot]	98c3b0eac4	Bump aws-sdk-s3 from 1.208.0 to 1.213.0 Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.208.0 to 1.213.0. - [Release notes](https://github.com/aws/aws-sdk-ruby/releases) - [Changelog](https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-ruby/commits) --- updated-dependencies: - dependency-name: aws-sdk-s3 dependency-version: 1.213.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2026-03-11 09:33:29 +00:00
dependabot[bot]	5e46c35f68	Bump terser-webpack-plugin from 5.3.16 to 5.3.17 Bumps [terser-webpack-plugin](https://github.com/webpack/terser-webpack-plugin) from 5.3.16 to 5.3.17. - [Release notes](https://github.com/webpack/terser-webpack-plugin/releases) - [Changelog](https://github.com/webpack/terser-webpack-plugin/blob/main/CHANGELOG.md) - [Commits](https://github.com/webpack/terser-webpack-plugin/compare/v5.3.16...v5.3.17) --- updated-dependencies: - dependency-name: terser-webpack-plugin dependency-version: 5.3.17 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2026-03-11 09:32:58 +00:00
Gaetan Craig-Riou	4946ffc329	Add specs for CustomerAccountTransaction ability	2026-03-11 15:45:33 +11:00
Gaetan Craig-Riou	c134bbf49b	Add missing ability for credit customer Fix the specs to use a non super admin user, so it should catch missing ability in the future.	2026-03-11 15:34:27 +11:00
Gaetan Craig-Riou	dff9d7ede6	Merge pull request #14009 from openfoodfoundation/dependabot/npm_and_yarn/postcss-8.5.8 Bump postcss from 8.5.6 to 8.5.8	2026-03-11 10:32:14 +11:00
Gaetan Craig-Riou	210303de90	Merge pull request #14011 from openfoodfoundation/dependabot/bundler/flipper-ui-1.4.0 Bump flipper-ui from 1.3.6 to 1.4.0	2026-03-11 10:30:56 +11:00
Gaetan Craig-Riou	7a0eee121d	Merge pull request #14010 from openfoodfoundation/dependabot/npm_and_yarn/floating-ui/dom-1.7.6 Bump @floating-ui/dom from 1.7.5 to 1.7.6	2026-03-11 10:24:43 +11:00
dependabot[bot]	8064154a86	Bump flipper-ui from 1.3.6 to 1.4.0 Bumps [flipper-ui](https://github.com/flippercloud/flipper) from 1.3.6 to 1.4.0. - [Release notes](https://github.com/flippercloud/flipper/releases) - [Changelog](https://github.com/flippercloud/flipper/blob/main/Changelog.md) - [Commits](https://github.com/flippercloud/flipper/compare/v1.3.6...v1.4.0) --- updated-dependencies: - dependency-name: flipper-ui dependency-version: 1.4.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2026-03-10 09:34:57 +00:00
dependabot[bot]	c3051ea351	Bump @floating-ui/dom from 1.7.5 to 1.7.6 Bumps [@floating-ui/dom](https://github.com/floating-ui/floating-ui/tree/HEAD/packages/dom) from 1.7.5 to 1.7.6. - [Release notes](https://github.com/floating-ui/floating-ui/releases) - [Changelog](https://github.com/floating-ui/floating-ui/blob/master/packages/dom/CHANGELOG.md) - [Commits](https://github.com/floating-ui/floating-ui/commits/@floating-ui/dom@1.7.6/packages/dom) --- updated-dependencies: - dependency-name: "@floating-ui/dom" dependency-version: 1.7.6 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2026-03-10 09:33:40 +00:00
dependabot[bot]	c850feeab8	Bump postcss from 8.5.6 to 8.5.8 Bumps [postcss](https://github.com/postcss/postcss) from 8.5.6 to 8.5.8. - [Release notes](https://github.com/postcss/postcss/releases) - [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md) - [Commits](https://github.com/postcss/postcss/compare/8.5.6...8.5.8) --- updated-dependencies: - dependency-name: postcss dependency-version: 8.5.8 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2026-03-10 09:33:21 +00:00