PostCSS Custom Properties, a plugin enabling the use of custom property queries within CSS, has a couple of interesting versions to consider. Version 12.1.4, released on January 31, 2022, made a noteworthy shift by declaring postcss as a peer dependency requiring at least version 8.4. This subtle change likely reflects adjustments in internal APIs or features within PostCSS itself. The devDependencies also saw a reduction in the version to 14.0.2 from '14' of postcss-import, removing postcss and postcss-tape altogether, which means the packages used for testing and development have been updated without affecting the core functionality. The bundle size has increased of around 400 bytes.
In contrast, version 12.1.3, released earlier on January 17, 2022, lists postcss as a peer dependency with a wider acceptable range starting from version 8.3. This provides greater flexibility for developers using older PostCSS versions. Furthermore, 12.1.3 includes postcss and postcss-tape amongst its devDependencies.
For developers, the choice hinges on their PostCSS environment. If you're using PostCSS 8.4 or later, version 12.1.4 is a suitable choice. However, if you need to support older PostCSS versions down to 8.3, sticking with version 12.1.3 might be necessary. Both versions maintain the core functionality of enabling custom property queries, licensed under MIT, and offer comparable file counts and unpacked sizes. Check the release notes to discover other changes.
The are not vulnerabilities for the version 12.1.4 of the package postcss-custom-properties
