From 22178ffe09b7d34fd459291c697c1cea3fb56bea Mon Sep 17 00:00:00 2001
From: Alan Agius <17563226+alan-agius4@users.noreply.github.com>
Date: Tue, 28 Apr 2026 09:58:30 +0000
Subject: [PATCH] fix(@angular-devkit/build-angular): upgrade postcss to 8.5.12

This addresses GHSA-qx2v-qp2m-jg93

Fixes: #33067
---
 packages/angular/build/package.json           |  2 +-
 .../THIRD_PARTY_LICENSES.txt.golden           |  2 +-
 .../angular_devkit/build_angular/package.json |  2 +-
 pnpm-lock.yaml                                | 70 +++++++++----------
 4 files changed, 38 insertions(+), 38 deletions(-)

diff --git a/packages/angular/build/package.json b/packages/angular/build/package.json
index a0e52d876ad5..cc7abb24e8bb 100644
--- a/packages/angular/build/package.json
+++ b/packages/angular/build/package.json
@@ -54,7 +54,7 @@
     "jsdom": "26.1.0",
     "less": "4.4.0",
     "ng-packagr": "20.3.0",
-    "postcss": "8.5.6",
+    "postcss": "8.5.12",
     "rxjs": "7.8.2",
     "vitest": "3.2.4"
   },
diff --git a/packages/angular/ssr/test/npm_package/THIRD_PARTY_LICENSES.txt.golden b/packages/angular/ssr/test/npm_package/THIRD_PARTY_LICENSES.txt.golden
index afbe64cd3fc4..cf31c4979bcf 100644
--- a/packages/angular/ssr/test/npm_package/THIRD_PARTY_LICENSES.txt.golden
+++ b/packages/angular/ssr/test/npm_package/THIRD_PARTY_LICENSES.txt.golden
@@ -449,7 +449,7 @@ License: MIT
 
 The MIT License (MIT)
 
-Copyright 2013 Andrey Sitnik <andrey@sitnik.ru>
+Copyright 2013 Andrey Sitnik <andrey@sitnik.es>
 
 Permission is hereby granted, free of charge, to any person obtaining a copy of
 this software and associated documentation files (the "Software"), to deal in
diff --git a/packages/angular_devkit/build_angular/package.json b/packages/angular_devkit/build_angular/package.json
index 28c8fc10bd03..2b3acfdc12da 100644
--- a/packages/angular_devkit/build_angular/package.json
+++ b/packages/angular_devkit/build_angular/package.json
@@ -43,7 +43,7 @@
     "ora": "8.2.0",
     "picomatch": "4.0.4",
     "piscina": "5.1.3",
-    "postcss": "8.5.6",
+    "postcss": "8.5.12",
     "postcss-loader": "8.1.1",
     "resolve-url-loader": "5.0.0",
     "rxjs": "7.8.2",
diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml
index d4cac7ae7c1f..0a4490b43567 100644
--- a/pnpm-lock.yaml
+++ b/pnpm-lock.yaml
@@ -441,8 +441,8 @@ importers:
         specifier: 20.3.0
         version: 20.3.0(@angular/compiler-cli@20.3.7(@angular/compiler@20.3.7)(typescript@5.9.2))(tslib@2.8.1)(typescript@5.9.2)
       postcss:
-        specifier: 8.5.6
-        version: 8.5.6
+        specifier: 8.5.12
+        version: 8.5.12
       rxjs:
         specifier: 7.8.2
         version: 7.8.2
@@ -640,7 +640,7 @@ importers:
         version: 4.1.3
       autoprefixer:
         specifier: 10.4.21
-        version: 10.4.21(postcss@8.5.6)
+        version: 10.4.21(postcss@8.5.12)
       babel-loader:
         specifier: 10.0.0
         version: 10.0.0(@babel/core@7.28.3)(webpack@5.105.0(esbuild@0.28.0))
@@ -699,11 +699,11 @@ importers:
         specifier: 5.1.3
         version: 5.1.3
       postcss:
-        specifier: 8.5.6
-        version: 8.5.6
+        specifier: 8.5.12
+        version: 8.5.12
       postcss-loader:
         specifier: 8.1.1
-        version: 8.1.1(postcss@8.5.6)(typescript@5.9.2)(webpack@5.105.0(esbuild@0.28.0))
+        version: 8.1.1(postcss@8.5.12)(typescript@5.9.2)(webpack@5.105.0(esbuild@0.28.0))
       resolve-url-loader:
         specifier: 5.0.0
         version: 5.0.0
@@ -7787,8 +7787,8 @@ packages:
   postcss-value-parser@4.2.0:
     resolution: {integrity: sha512-1NNCs6uurfkVbeXG4S8JFT9t19m45ICnif8zWLd5oPSZ50QnwMfK+H3jv408d4jw/7Bttv5axS5IiHoLaVNHeQ==}
 
-  postcss@8.5.6:
-    resolution: {integrity: sha512-3Ybi1tAuwAP9s0r1UQ2J4n5Y0G05bJkpUIO0/bI9MhwmD70S5aTWbXGBwxHrelT+XM1k6dM0pk+SwNkpTRN7Pg==}
+  postcss@8.5.12:
+    resolution: {integrity: sha512-W62t/Se6rA0Az3DfCL0AqJwXuKwBeYg6nOaIgzP+xZ7N5BFCI7DYi1qs6ygUYT6rvfi6t9k65UMLJC+PHZpDAA==}
     engines: {node: ^10 || ^12 || >=14}
 
   prelude-ls@1.2.1:
@@ -13368,14 +13368,14 @@ snapshots:
 
   atomic-sleep@1.0.0: {}
 
-  autoprefixer@10.4.21(postcss@8.5.6):
+  autoprefixer@10.4.21(postcss@8.5.12):
     dependencies:
       browserslist: 4.26.3
       caniuse-lite: 1.0.30001750
       fraction.js: 4.3.7
       normalize-range: 0.1.2
       picocolors: 1.1.1
-      postcss: 8.5.6
+      postcss: 8.5.12
       postcss-value-parser: 4.2.0
 
   available-typed-arrays@1.0.7:
@@ -13485,7 +13485,7 @@ snapshots:
       domhandler: 5.0.3
       htmlparser2: 10.0.0
       picocolors: 1.1.1
-      postcss: 8.5.6
+      postcss: 8.5.12
       postcss-media-query-parser: 0.2.3
 
   before-after-hook@4.0.0: {}
@@ -14048,12 +14048,12 @@ snapshots:
 
   css-loader@7.1.2(webpack@5.105.0(esbuild@0.28.0)):
     dependencies:
-      icss-utils: 5.1.0(postcss@8.5.6)
-      postcss: 8.5.6
-      postcss-modules-extract-imports: 3.1.0(postcss@8.5.6)
-      postcss-modules-local-by-default: 4.2.0(postcss@8.5.6)
-      postcss-modules-scope: 3.2.1(postcss@8.5.6)
-      postcss-modules-values: 4.0.0(postcss@8.5.6)
+      icss-utils: 5.1.0(postcss@8.5.12)
+      postcss: 8.5.12
+      postcss-modules-extract-imports: 3.1.0(postcss@8.5.12)
+      postcss-modules-local-by-default: 4.2.0(postcss@8.5.12)
+      postcss-modules-scope: 3.2.1(postcss@8.5.12)
+      postcss-modules-values: 4.0.0(postcss@8.5.12)
       postcss-value-parser: 4.2.0
       semver: 7.7.2
     optionalDependencies:
@@ -15582,9 +15582,9 @@ snapshots:
     dependencies:
       safer-buffer: 2.1.2
 
-  icss-utils@5.1.0(postcss@8.5.6):
+  icss-utils@5.1.0(postcss@8.5.12):
     dependencies:
-      postcss: 8.5.6
+      postcss: 8.5.12
 
   idb@7.1.1: {}
 
@@ -16671,7 +16671,7 @@ snapshots:
       less: 4.4.0
       ora: 8.2.0
       piscina: 5.1.3
-      postcss: 8.5.6
+      postcss: 8.5.12
       rollup-plugin-dts: 6.2.1(rollup@4.59.0)(typescript@5.9.2)
       rxjs: 7.8.2
       sass: 1.90.0
@@ -17161,11 +17161,11 @@ snapshots:
 
   possible-typed-array-names@1.1.0: {}
 
-  postcss-loader@8.1.1(postcss@8.5.6)(typescript@5.9.2)(webpack@5.105.0(esbuild@0.28.0)):
+  postcss-loader@8.1.1(postcss@8.5.12)(typescript@5.9.2)(webpack@5.105.0(esbuild@0.28.0)):
     dependencies:
       cosmiconfig: 9.0.0(typescript@5.9.2)
       jiti: 1.21.7
-      postcss: 8.5.6
+      postcss: 8.5.12
       semver: 7.7.2
     optionalDependencies:
       webpack: 5.105.0(esbuild@0.28.0)
@@ -17174,26 +17174,26 @@ snapshots:
 
   postcss-media-query-parser@0.2.3: {}
 
-  postcss-modules-extract-imports@3.1.0(postcss@8.5.6):
+  postcss-modules-extract-imports@3.1.0(postcss@8.5.12):
     dependencies:
-      postcss: 8.5.6
+      postcss: 8.5.12
 
-  postcss-modules-local-by-default@4.2.0(postcss@8.5.6):
+  postcss-modules-local-by-default@4.2.0(postcss@8.5.12):
     dependencies:
-      icss-utils: 5.1.0(postcss@8.5.6)
-      postcss: 8.5.6
+      icss-utils: 5.1.0(postcss@8.5.12)
+      postcss: 8.5.12
       postcss-selector-parser: 7.1.0
       postcss-value-parser: 4.2.0
 
-  postcss-modules-scope@3.2.1(postcss@8.5.6):
+  postcss-modules-scope@3.2.1(postcss@8.5.12):
     dependencies:
-      postcss: 8.5.6
+      postcss: 8.5.12
       postcss-selector-parser: 7.1.0
 
-  postcss-modules-values@4.0.0(postcss@8.5.6):
+  postcss-modules-values@4.0.0(postcss@8.5.12):
     dependencies:
-      icss-utils: 5.1.0(postcss@8.5.6)
-      postcss: 8.5.6
+      icss-utils: 5.1.0(postcss@8.5.12)
+      postcss: 8.5.12
 
   postcss-selector-parser@7.1.0:
     dependencies:
@@ -17202,7 +17202,7 @@ snapshots:
 
   postcss-value-parser@4.2.0: {}
 
-  postcss@8.5.6:
+  postcss@8.5.12:
     dependencies:
       nanoid: 3.3.11
       picocolors: 1.1.1
@@ -17557,7 +17557,7 @@ snapshots:
       adjust-sourcemap-loader: 4.0.0
       convert-source-map: 1.9.0
       loader-utils: 2.0.4
-      postcss: 8.5.6
+      postcss: 8.5.12
       source-map: 0.6.1
 
   resolve@1.22.10:
@@ -18795,7 +18795,7 @@ snapshots:
       esbuild: 0.27.7
       fdir: 6.5.0(picomatch@4.0.4)
       picomatch: 4.0.4
-      postcss: 8.5.6
+      postcss: 8.5.12
       rollup: 4.59.0
       tinyglobby: 0.2.15
     optionalDependencies: