Bump postcss-css-variables from 0.14.0 to 0.17.0

[dependabot-preview]

Bumps postcss-css-variables from 0.14.0 to 0.17.0.

Changelog

Sourced from postcss-css-variables's changelog.

v0.17.0 - 2020-4-24

• Expand variables in AtRule properties
  • Thank you to @pvande for the contribution
  • Merged via MadLittleMods/postcss-css-variables#121

v0.16.0 - 2020-4-24

• Add ability to pass callback function to options.preserve to determine whether to preserve declaration
  • Thank you to @ekatioz for the contribution

v0.15.0 - 2020-4-24

• Fix algorithm to find balanced var() pairs and nested parenthesis
  • Thank you to @Poetro for the contribution

Commits

• 8eb32cf 0.17.0
• d4b5a2c Merge branch 'master' of github.com:MadLittleMods/postcss-css-variables
• f4b703f Prepare changelog with #104
• 933738b Resolve review from #104
• 5af0790 Allow AtRules containing properties to have their variables expanded
• 47677f2 0.16.0
• abd793a Prepare changelog with #116
• 9459f2a Make preserve callback documentation and tests more clear
• f92ee48 Add conditional preservation behavior (#116)
• 7876dd0 Fix #112 author link
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot will merge this PR once CI passes on it, as requested by @halkeye.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in the .dependabot/config.yml file in this repo:

• Update frequency
• Automerge options (never/patch/minor, and dev/runtime dependencies)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

[halkeye]

@dependabot merge

[dependabot-preview]

One of your CI runs failed on this pull request, so Dependabot won't merge it.

• Jenkins

Dependabot will still automatically merge this pull request if you amend it and your tests pass.