From c919a2f61de3102744c3b35e13bfdf0ea48b640a Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Wed, 12 May 2021 00:25:08 +0000
Subject: [PATCH] fix: package.json & yarn.lock to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-POSTCSS-1255640
---
 package.json | 2 +-
 yarn.lock    | 9 +++++----
 2 files changed, 6 insertions(+), 5 deletions(-)

diff --git a/package.json b/package.json
index 7a6eaa4..cfbca39 100644
--- a/package.json
+++ b/package.json
@@ -38,7 +38,7 @@
   },
   "browserslist": ["> 1%", "last 2 versions", "not ie <= 10"],
   "dependencies": {
-    "postcss-css-variables": "^0.8.1",
+    "postcss-css-variables": "^0.18.0",
     "postcss-nested": "^3.0.0",
     "promis": "^1.1.4"
   },
diff --git a/yarn.lock b/yarn.lock
index 406973c..6adf61d 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -5576,13 +5576,14 @@ postcss-convert-values@^2.3.4:
     postcss "^5.0.11"
     postcss-value-parser "^3.1.2"
 
-postcss-css-variables@^0.8.1:
-  version "0.8.1"
-  resolved "https://registry.yarnpkg.com/postcss-css-variables/-/postcss-css-variables-0.8.1.tgz#a52e5ef1a2eb633a8a4f5fc434d6d85d40fe7310"
+postcss-css-variables@^0.18.0:
+  version "0.18.0"
+  resolved "https://registry.yarnpkg.com/postcss-css-variables/-/postcss-css-variables-0.18.0.tgz#d97b6da19e86245eb817006e11117382f997bb93"
+  integrity sha512-lYS802gHbzn1GI+lXvy9MYIYDuGnl1WB4FTKoqMQqJ3Mab09A7a/1wZvGTkCEZJTM8mSbIyb1mJYn8f0aPye0Q==
   dependencies:
+    balanced-match "^1.0.0"
     escape-string-regexp "^1.0.3"
     extend "^3.0.1"
-    postcss "^6.0.8"
 
 postcss-csso@^3.0.0:
   version "3.0.0"