Bump d3-color and vega

[dependabot[bot]]

Bumps d3-color to 3.1.0 and updates ancestor dependency vega. These dependencies need to be updated together.

Updates d3-color from 1.4.1 to 3.1.0

Release notes

Sourced from d3-color's releases.

v3.1.0

• Add rgb.clamp and hsl.clamp. #102
• Add color.formatHex8. #103
• Fix color.formatHsl to clamp values to the expected range. #83
• Fix catastrophic backtracking when parsing colors. #89 #97 #99 #100 SNYK-JS-D3COLOR-1076592

v3.0.1

• Make build reproducible.

v3.0.0

• Adopt type: module.

This package now requires Node.js 12 or higher. For more, please read Sindre Sorhus’s FAQ.

v2.0.0

This release adopts ES2015 language features such as for-of and drops support for older browsers, including IE. If you need to support pre-ES2015 environments, you should stick with d3-color 1.x or use a transpiler.

Commits

• 7a1573e 3.1.0
• 75c19c4 update LICENSE
• ef94e01 update dependencies
• 5e9f757 method shorthand
• e4bc34e formatHex8 (#103)
• ac660c6 {rgb,hsl}.clamp() (#102)
• 70e3a04 clamp HSL format (#101)
• 994d8fd avoid backtracking (#100)
• 7d61bbe 3.0.1
• 93bc4ff related d3/d33; extract copyrights from LICENSE
• Additional commits viewable in compare view

Updates vega from 5.13.0 to 5.22.1

Release notes

Sourced from vega's releases.

v5.22.1

Changes from v5.22.0:

monorepo

• Update dependencies.

vega-scenegraph

• Fix SVG path parser null check. (#3451).

v5.22.0

Changes from v5.21.0:

docs

• Add Packed Bubble Chart example. (thanks @​PBI-David!)
• Improve TimeUnit transform documentation.

monorepo

• Update dependencies, including D3 ESM packages.
• Update rollup config to bundle ESM packages for CJS use.
• Update tests to match new dependencies.
• Bump minor version numbers for all affected modules.

vega-functions

• Add lasso selection expression functions. (thanks @​dvmoritzschoefl!)
• Suppress unsupported expression function arguments.

vega-label

• Fix to not assume that a label always has some part inside the chart's bounding box. (thanks @​chanwutk!)

vega-scenegraph

• Fix SVG path close logic. (#3377)
• Fix SVG renderer dirty check. (#3411).
• Fix SVG path string parser, update tests. (#3432)
• Fix SVG mix-blend-mode to use style attribute. (#3435)

vega-selections

• Optimize selection functions for ID-only stores. (thanks @​arvind!)

vega-transforms

• Fix TimeUnit transform updates.

... (truncated)

Commits

• 7eafbbd chore: Update yarn.lock.
• 31436d8 docs: Update docs build files.
• 2fbad57 chore: Bump dependencies and version numbers.
• b46de50 chore: Update CI workflow.
• 3fb45ff fix: Add SVG path parser null check. (#3451).
• 9a3faca docs: Update docs build files.
• 1f822a4 chore: Refine Vega index file.
• 03e41f7 chore: Merge conflicts.
• 9abea1a docs: Fix name of packed bubble chart spec.
• 598faea docs: Fix name of packed bubble chart spec.
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.