Tailwind CSS version 1.6.3 represents a minor update over its predecessor, version 1.6.2, offering subtle improvements and refinements to this utility-first CSS framework. Both versions share identical core dependencies, ensuring a consistent experience regarding underlying functionalities. Developers can expect familiar libraries like lodash, postcss, and @fullhuman/postcss-purgecss to behave as expected. Similarly, the development dependencies remain the same, meaning that tooling for testing (Jest, Babel), linting (ESLint) and formatting (Prettier) are consistent across both versions.
The key difference lies in the releaseDate, indicating that version 1.6.3 was released after 1.6.2 (August 18, 2020, vs August 3, 2020). The unpackedSize also differs slightly indicating some files changed of a small amount. This suggests that 1.6.3 likely incorporates bug fixes, performance enhancements, or minor feature tweaks rather than a major overhaul.
Developers considering upgrading from 1.6.2 to 1.6.3 can anticipate a smooth transition, as the core framework and its dependencies remain unchanged. The identical dependency list minimizes the potential for breaking changes or compatibility issues. It would be recommended to check the tailwindcss's official release notes for a precise list of changes, however, the user should anticipate minor fixes and small improvements to an already stable and powerful CSS framework. The continued use of libraries like postcss-selector-parser and postcss-functions, indicates strong stability in tailwind's postCSS processing and utilities.
All the vulnerabilities related to the version 1.6.3 of the package
PostCSS line return parsing error
An issue was discovered in PostCSS before 8.4.31. It affects linters using PostCSS to parse external Cascading Style Sheets (CSS). There may be \r discrepancies, as demonstrated by @font-face{ font:(\r/*);} in a rule.
This vulnerability affects linters using PostCSS to parse external untrusted CSS. An attacker can prepare CSS in such a way that it will contains parts parsed by PostCSS as a CSS comment. After processing by PostCSS, it will be included in the PostCSS output in CSS nodes (rules, properties) despite being originally included in a comment.
