[Snyk] Security upgrade postcss-loader from 6.2.1 to 7.1.0

[eheimbuch]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • scm-ui/ui-scripts/package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	768/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.5	Uncaught Exception SNYK-JS-YAML-5458867	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: postcss-loader

The new version differs by 61 commits.

• b5c55fb chore(release): 7.1.0
• 8114be4 feat(deps): update `cosmiconfig` (Repository Templates #628)
• 054ee90 docs: fix default value of config (How to avoid triggering Jenkins to build when particular change commit. #626) (Non-ASCII passwords with BASIC Authentication #627)
• f6e1cde chore(deps-dev): bump webpack from 5.75.0 to 5.76.0 (Creating Mercurial Repository failed #625)
• d7070b2 chore: update dependencies to the latest version (SVN 400 Bad request on COPY or MOVE when hosted in IIS using Helicon Zoo #624)
• 5128bee ci: use LTS node version in lint job (SVN/nginx - bad request #622)
• e1e5195 chore: update dependencies to the latest version (Git Push Notification #621)
• e6b2282 ci: use concurrency in github workflows (RPM timeout #620)
• fa8ebf6 chore: update ignorePaths in .cspell.json (Cannot update 1.35 to 1.40 #619)
• 5999338 chore(deps): bump json5 from 1.0.1 to 1.0.2 (Error editing User with loginname containing space #618)
• bef937b chore: update dependency review action (svn commit fails on imported svn repository with spaces #617)
• 2e7f227 chore: update dependencies to the latest version (SVN doesn't allow number in username in URL #616)
• c3f6c57 chore: update dependencies to the latest version (Change scmadmin account password #615)
• 2129116 chore(release): 7.0.2
• 955085f fix: support ESM version of `postcss.config.js` and `postcss.config.mjs` (ERROR sonia.scm.web.HgCGIExceptionHandler - not able to handle mercurial reques #614)
• b0f4749 chore: update styfle/cancel-workflow-action (I'm unable to login to SCM Manager with user scmadmin and password scmadmin credentials #612)
• ab3ff44 chore: add cSpell to check spelling issues (Could not load items. Server returned status: -1. #610)
• 3177135 chore: update dependencies to the latest version (LDAP unable to login after changing password #609)
• 08b19c7 docs: update cla link (memory leaks #608)
• 49a0943 ci: add node v19 (Can't Build with parameters in SCM Jenkins plugin #607)
• d274f90 ci: add dependency review action (subversion fails to commit filenames containing url-encoded character "/" #606)
• 64af37b chore: update dependencies to the latest version (Search in the commit and activity view #605)
• 548e8aa chore: update commitlint action (Can't restrict trigger only in the master/trunk commits #604)
• 42a085f chore: run cancel workflow on pull request (Loading plugins in scm version 1.40 running in tomcat 8.09 #603)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.