Tailwind CSS version 1.9.5 is a minor update building upon the solid foundation of version 1.9.4, both offering a utility-first CSS framework designed for rapid UI development. The core functionality remains consistent, providing developers with a comprehensive set of pre-designed CSS classes to streamline styling. Examining the package.json files reveals no significant changes in dependencies or devDependencies between the two versions. The libraries are basically identical in terms of functionality. However, a noteworthy difference lies in the dist section. Version 1.9.5 has an unpacked size of 21413703 while 1.9.4 has an unpacked size of 19977333, suggesting possible added assets , or a fix to an issue which pumped up the filesize. Also, version 1.9.5 was released on "2020-10-19T15:50:23.191Z" whereas the previous version was released on "2020-10-17T16:55:56.377Z" this indicates that version 1.9.5 contains fixes and/or extremely minor features. Therefore, upgrading to version 1.9.5 from 1.9.4 is recommended to ensure developers have the latest stability improvements and potential bug fixes. Web developers should run tests post-upgrade to ensure no new issues may have arisen, although the upgrade should be fairly seamless since it is very minor.
All the vulnerabilities related to the version 1.9.5 of the package
PostCSS line return parsing error
An issue was discovered in PostCSS before 8.4.31. It affects linters using PostCSS to parse external Cascading Style Sheets (CSS). There may be \r discrepancies, as demonstrated by @font-face{ font:(\r/*);} in a rule.
This vulnerability affects linters using PostCSS to parse external untrusted CSS. An attacker can prepare CSS in such a way that it will contains parts parsed by PostCSS as a CSS comment. After processing by PostCSS, it will be included in the PostCSS output in CSS nodes (rules, properties) despite being originally included in a comment.
