svelte-apexcharts

[Security] Bump apexcharts from 3.22.2 to 3.24.0

Open dependabot-preview[bot] opened this issue 4 years ago • 1 comments

Bumps apexcharts from 3.22.2 to 3.24.0.

Release notes

Sourced from apexcharts's releases.

💎 Version 3.23.1

🐞 Bug Fixes

  • Panning fixed in timeline charts
  • Mixed chart x-axis issue - fixes #2064
  • A small correction in y-axis min-max - fixes #538
  • Preserve selection on resize in pie, donut - fixes #2110
  • Floating y-axis in bar and timelines - fixes #2123
  • TooltipHoverFormatter in pie charts - fixes #2122

💎 Version 3.23.0

🆕 Enhancements

  • Zoom and Pan enabled in timeline charts - fixes #763

🐞 Bug Fixes

  • Fix export to csv when timestamps are provided - fixes #2101
  • Bugfix in min/max functions in y-axis - fixes #538, fixes #2098
  • Improve logscale

💎 Version 3.22.3

🆕 Enhancements

  • Customizable export filenames - fixes #2042
  • Show x-axis gridlines even when x-axis labels are hidden - fixes #2089

🐞 Bug Fixes

  • Fix undefined tooltip issue in a timeline chart
  • Remove resize handler properly on destroy - fixes #2020
  • CSV bug export when category contains a comma - fixes #2036
  • Fix multiline text in x-axis when using XY format in series - fixes
  • Add passive: true to event listeners - ref #937
  • Fix auto height increase when the height is 100% - fixes #2059
  • Fix log scale in radar chart - fixes #2078
  • Remove code to hide data label when it is cropped
  • Add tooltip title formatter for horizontal chart
  • Bugfix when no data in treemap - fixes #2090
  • Bug fix in min/max functions in y-axis - fixes #538
  • Fix Y-axis tickamount when formatter is applied - fixes #2086

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Pull request limits (per update run and/or open at any time)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

dependabot-preview[bot] Feb 01 '21 09:02

We've just been alerted that this update fixes a security vulnerability:

Sourced from The GitHub Security Advisory Database.

XSS in apexcharts

The package apexcharts before 3.24.0 is vulnerable to Cross-site Scripting (XSS) via lack of sanitization of graph legend fields.

Affected versions: ["< 3.24.0"]

dependabot-preview[bot] Feb 11 '21 20:02
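
To confirm whether a project still resolves apexcharts inside the advisory's affected range (`< 3.24.0`), including copies nested under other packages, the lockfile can be checked directly. This is an added example, not part of the bot's comment or of this repository; the function names and the sample lockfile are assumptions made for illustration.

```javascript
// Added example: flag apexcharts installs inside the advisory's affected
// range ("< 3.24.0") in a parsed package-lock.json. Helper names are hypothetical.
const FIXED = [3, 24, 0]; // first fixed version, from the advisory
// True when `version` is strictly below 3.24.0. Prereleases of 3.24.0 and
// unparseable versions are reported too, so they get a manual look.
function isAffected(version) {
  const m = /^(\d+)\.(\d+)\.(\d+)(-)?/.exec(String(version));
  if (!m) return true;
  for (let i = 0; i < 3; i++) {
    const n = Number(m[i + 1]);
    if (n !== FIXED[i]) return n < FIXED[i];
  }
  return m[4] === "-"; // 3.24.0-beta.1 sorts before 3.24.0
}

function findAffected(lock, name = "apexcharts") {
  const hits = [];
  const check = (path, version) => {
    if (isAffected(version)) hits.push({ path, version });
  };
  if (lock.packages) {
    // lockfileVersion 2/3: flat map keyed by install path.
    for (const [path, pkg] of Object.entries(lock.packages)) {
      // Match on the path segment so "svelte-apexcharts" is not a false hit.
      if (path === `node_modules/${name}` || path.endsWith(`/node_modules/${name}`)) {
        check(path, pkg.version);
      }
    }
    return hits;
  }
  // lockfileVersion 1: nested "dependencies" trees.
  const walk = (deps, prefix) => {
    for (const [dep, info] of Object.entries(deps || {})) {
      const path = `${prefix}node_modules/${dep}`;
      if (dep === name) check(path, info.version);
      walk(info.dependencies, `${path}/`);
    }
  };
  walk(lock.dependencies, "");
  return hits;
}
// Constructed sample lockfile, not taken from this repository.
const sampleLock = { lockfileVersion: 2, packages: {
  "node_modules/apexcharts": { version: "3.22.2" },
  "node_modules/svelte-apexcharts": { version: "1.0.2" },
  "node_modules/dash/node_modules/apexcharts": { version: "3.24.0" },
} };
console.log(findAffected(sampleLock));
```

An empty result from `findAffected` on the project's parsed `package-lock.json` means every resolved copy is at 3.24.0 or later; any hit names the install path that still needs the bump.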