BanManager-WebUI [Snyk] Security upgrade @nivo/pie from 0.84.0 to 0.85.0

[Snyk] Security upgrade @nivo/pie from 0.84.0 to 0.85.0

Open confuser opened this issue 11 months ago • 0 comments

This PR was automatically created by Snyk using the credentials of a real user.

Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- package.json

⚠️ Warning

Failed to update the package-lock.json, please update manually before merging.

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-D3COLOR-1076592	No	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: @nivo/pie

The new version differs by 11 commits.

4ab05e2 v0.85.0
68375a1 fix(dependencies): fix peer dependencies (#2528)
193a4ce fix(line): use readonly arrays for props as the library does not modify them (#2494)
0ab8f73 fix(marimekko): use readonly arrays for props as the library does not modify them (#2493)
a90a6cc feat(line): add support for touch events + crosshair (#2524)
d74996a fix(website): fix tooltip default color in the theming guide (#2521)
44d8967 Fix: add initial property for truncateTickAt (#2504)
c741a88 chore: upgrade d3-color and d3-scale-chromatic
bc18832 fix(sankey): update onClick types in sankey chart to respect generics (#2509)
d87af09 set default props inside components
0bc2fe8 refactor default props to fix error message

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

Learn how to fix vulnerabilities with free interactive lessons:

Mar 07 '24 04:03 confuser