
[Security] Bump postcss from 8.4.30 to 8.4.31

George Koltsov requested to merge dependabot-npm_and_yarn-postcss-8.4.31 into main

Bumps postcss from 8.4.30 to 8.4.31. This update includes a security fix.

Vulnerabilities fixed

PostCSS line return parsing error An issue was discovered in PostCSS before 8.4.31. It affects linters using PostCSS to parse external Cascading Style Sheets (CSS). There may be \r discrepancies, as demonstrated by @font-face{ font:(\r/*);} in a rule.

Patched versions: 8.4.31
Affected versions: < 8.4.31
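The advisory text above describes a parsing difference triggered by a lone carriage return, using the sample @font-face{ font:(\r/*);}. As an added defensive illustration (not code from the postcss project or from this merge request), the snippet below flags untrusted CSS that contains a bare \r and normalises line endings before the text reaches a linter, which is a reasonable stop-gap for pipelines that cannot upgrade to 8.4.31 immediately; the function names and the benign CRLF sample are assumptions constructed for this example.

```javascript
// Added example, not part of postcss or of this MR.
// CVE-2023-44270: PostCSS < 8.4.31 handled lone \r characters inconsistently,
// so a linter could read the advisory's sample "@font-face{ font:(\r/*);}"
// differently from a browser. Pre-check and normalise untrusted CSS instead
// of relying on every parser in the chain agreeing on line structure.

// True if the text contains a \r that is not part of a \r\n pair.
function hasLoneCR(css) {
  return /\r(?!\n)/.test(css);
}

// Collapses \r\n and lone \r to \n so downstream parsers see one line model.
function normalizeLineEndings(css) {
  return css.replace(/\r\n?/g, "\n");
}

// Gate for untrusted CSS: in strict mode refuse lone-CR input outright,
// otherwise normalise it and continue.
function prepareCssForLint(css, strict = true) {
  if (strict && hasLoneCR(css)) {
    throw new Error("CSS contains a lone carriage return; refusing to lint");
  }
  return normalizeLineEndings(css);
}

// Constructed inputs: the advisory's sample and a benign CRLF stylesheet.
const advisorySample = "@font-face{ font:(\r/*);}";
const benignCrlf = "a{color:red}\r\nb{color:blue}\r\n";

console.log("advisory sample has lone CR:", hasLoneCR(advisorySample)); // true
console.log("benign CRLF has lone CR:", hasLoneCR(benignCrlf));         // false
console.log(JSON.stringify(prepareCssForLint(advisorySample, false)));
```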

Release notes

Sourced from postcss's releases.

8.4.31

  • Fixed \r parsing to fix CVE-2023-44270.
Changelog

Sourced from postcss's changelog.

8.4.31

  • Fixed \r parsing to fix CVE-2023-44270.
Commits


Dependabot commands
You can trigger Dependabot actions by commenting on this MR:
  • @dependabot-bot recreate will recreate this MR rewriting all the manual changes and resolving conflicts
