
[Snyk] Security upgrade recharts from 2.2.0 to 2.3.0

Open ali1k opened this issue 3 years ago • 0 comments

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json

Vulnerabilities that will be fixed

With an upgrade:
  • Severity: medium
  • Priority Score (*): 586/1000 (Why? Proof of Concept exploit, Has a fix available, CVSS 5.3)
  • Issue: Regular Expression Denial of Service (ReDoS), SNYK-JS-D3COLOR-1076592
  • Breaking Change: No
  • Exploit Maturity: Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages
Package name: recharts
The new version differs by 55 commits.
  • e71d83c 2.3.0
  • 1216e06 fix: cartesian utils unit test, remove demo,src from files array
  • bcb199c fix: d3 security vulnerability in d3-color
  • 85f7c81 chore: add npm publish action (#3166)
  • 447fd7a test: add jest coverage, differentiate jest and karma envs to fix errors (#3164)
  • a290cfa fix: area chart test part3 (#3163)
  • 90ed7e7 refactor(ReactUtils): findByType – use generic to have a better return type
  • da9e913 chore(gitignore): add .vscode
  • cc78f8c fix(ChartUtils): appendOffsetOfLegend – correct verticalAlign match to “middle”
  • 21b923a fix: area chart test migration follow up (#3161)
  • 0d82154 LineChart.spec jest migration (#3141)
  • 3214d14 refactor(ResponsiveContainer): improve performance memoizing internal variables
  • fe8f758 test(JestMigration): convert ResponsiveContainer (closes #3156)
  • 518b4b1 JestMigration: Label and LabelList (#3154)
  • 9b83399 Jest Migration: ChartUtils (#3148)
  • 8db8edf fix: migrate area chart test to typescript (#3151)
  • 81d271b test(JestMigration): convert FunnelChart (closes #3127) (#3153)
  • f4f9607 Jest Migration: Cell (#3150)
  • 08f405e Jest Migration: util/DataUtils (#3134) (#3147)
  • 287552f Jest Migration: util/CartesianUtils (#3145)
  • 81f08fc chore(deps-dev): remove unused dependencies (#3144)
  • c07f762 AreaChart: Respect baseValue of AreaChart, but allow override from Area (#3140)
  • 2e8dffd test(ShallowEqual): convert test using jest (#3143)
  • 787f041 test(jest): remove console error and warn from stdout in LogUtils and ReactUtils (#3142)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.


ali1k, Jan 12 '23 02:01