[Snyk] Security upgrade css-loader from 4.0.0 to 5.0.0

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json
  • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	336/1000 Why? Recently disclosed, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-POSTCSS-1090595	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: css-loader

The new version differs by 42 commits.

• 1351e3a chore(release): 5.0.0
• 747d62b feat: allow named exports to have underscores in names (Rename about-collaborative-development-models.md to collaborative-dev… github/docs#1209)
• 7bfe85d chore(deps): update (add container registry preview image github/docs#1208)
• b5c9379 feat: postcss@8 (This PR is stale because it has been open 7 days with no activity and will be automatically closed in 3 days. To keep this PR open, update the PR by adding a comment or pushing a commit. github/docs#1204)
• 92fe103 docs: context is localIdentContext in README ([GitHub Desktop] Stashing changes feature github/docs#1202)
• e5a9272 chore(deps): update ([GitHub Desktop] Disabling repo indicators feature github/docs#1203)
• 63b41be refactor: emoji deprecate
• 9f974be feat: reduce runtime
• d779eb1 feat: escape getLocalIdent by default (chore: Upgrade actions/cache to v2.1.3 github/docs#1196)
• dd52931 feat: hide warning on no plugins (فح github/docs#1195)
• 52412f6 feat: improve error message
• 0f95841 feat: add fallback if custom getLocalIdent returns null (Remove note about package immutability github/docs#1193)
• 2f1573f feat: auto enable icss modules
• df111b8 test: import with file protocol
• cfe669f refactor: remove icss option (SSH file to "id_ed25519.pub" github/docs#1189)
• 57eb505 chore(release): 4.3.0
• 3ddcc7b chore(deps): update deps (Someone is use a fake account an hacking github/docs#1186)
• 88b8ddc fix: line breaks in `url` function
• 8b865fe test: source map (Add entry to table "create, edit, delete labels" github/docs#1180)
• ec58a7c feat: the `importLoaders` can be `string` (Add row with create/edit/delete labels rights overview to permission level table github/docs#1178)
• df490c7 test: sass-loader next (chore: Format json files with Prettier github/docs#1177)
• 26a3062 chore(release): 4.2.2
• e42f046 refactor: improve sources handling in source maps (Update index.md github/docs#1176)
• 4ce556a docs: fix type (Update access-supachai01-on-github.md github/docs#1174)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic