Cssnano version 5 represents a significant update to the popular CSS minification tool built upon the PostCSS ecosystem. The upgrade from version 4 involves several key changes developers should consider. Most notably, cssnano v5 shifts its peer dependency and underlying PostCSS version to ^8.2.1, a major jump from the ^7.0.0 requirement in v4. This is crucial because it means developers need to ensure their project also uses PostCSS 8 or higher to avoid compatibility issues. The move to PostCSS 8 signals that cssnano is embracing modern CSS features and functionalities offered by the newer PostCSS version, which provides performance improvements and access to a broader range of plugins. Another notable difference lies in the dependencies. Version 5 introduces a direct dependency on "opencollective-postinstall", absent in v4. The versions of "cosmiconfig", "is-resolvable", and "cssnano-preset-default" were updated to accommodate the new PostCSS peer dependency. Conversely, many development dependencies present in v4, such as "webpack", "babel-cli", and various Babel-related packages, have been removed in v5, suggesting a shift in the build or testing process. For developers, this means a potentially cleaner installation (though necessitating PostCSS 8) and a focus on newer tools that rely on the modern PostCSS ecosystem..
The are not vulnerabilities for the version 5.0.0 of the package cssnano
