Tailwind CSS version 1.8.7 introduces subtle improvements over its predecessor, version 1.8.6, offering enhanced stability and potentially minor bug fixes that developers might appreciate. While the core functionality remains consistent, evidenced by the identical dependency and devDependency lists, the key distinction lies in the release date. Version 1.8.7 was published on September 10, 2020, a day later than version 1.8.6. This suggests that the newer version addresses any immediate issues discovered in the initial release or incorporates very recent updates.
For developers already using Tailwind CSS, upgrading to 1.8.7 can be a worthwhile move to ensure they are benefiting from the most up-to-date iteration of the framework and any possible marginal improvements. While the unpacked size difference between the two versions is relatively small, newer versions contribute toward the continued improvements and address any small performance bottlenecks or refinements. Despite the incremental nature of the update, keeping up with the latest version ensures access to the most refined experience and reduces the chance of encountering issues resolved in the latest stable build. It ensures that developers will leverage the most polished version of this utility-first CSS framework when rapidly building custom user interfaces.
All the vulnerabilities related to the version 1.8.7 of the package
PostCSS line return parsing error
An issue was discovered in PostCSS before 8.4.31. It affects linters using PostCSS to parse external Cascading Style Sheets (CSS). There may be \r discrepancies, as demonstrated by @font-face{ font:(\r/*);} in a rule.
This vulnerability affects linters using PostCSS to parse external untrusted CSS. An attacker can prepare CSS in such a way that it will contains parts parsed by PostCSS as a CSS comment. After processing by PostCSS, it will be included in the PostCSS output in CSS nodes (rules, properties) despite being originally included in a comment.
