lattice [Snyk] Security upgrade recharts from 1.8.5 to 2.1.3

[Snyk] Security upgrade recharts from 1.8.5 to 2.1.3

Open snyk-bot opened this issue 3 years ago • 0 comments

merge advice

Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- examples/minimal/package.json

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	479/1000 Why? Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-D3COLOR-1076592	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: recharts

The new version differs by 250 commits.

3115b4d build 2.1.3
6f2551e fix: Customized component has no key (#2637)
f5b8414 Fix XAxis scale propery type (#2641)
ae02a4d Update README.md (#2649)
9aba237 build 2.1.2
300f726 Fix fragment children (#2481)
2805e0b fixes undefined field reference when optional variables not supplied (#2630)
89f3232 build 2.1.1
c3381af fix: responsive container (#2622)
213d4a9 fix: fix format
8da1b74 build 2.1.0
2093a6b Wrap ResponsiveContainer with forwardRef (#2612)
281ea48 Add chart type to tooltip payload (#2599)
857663f Fix for recharts issue #1787 (#2604)
af948a7 build 2.0.10
40a18f8 fix: show scatter chart tooltip cross cursor (#2592)
94e5808 Update Bar.tsx (#2582)
e91fad3 Merge pull request #2516 from ckotyan/patch-1
d857b4e Merge pull request #2512 from andy128k/patch-1
e90a4e1 Merge pull request #2477 from bsell93/patch-1
8340d63 Merge pull request #2457 from anselmpaul/master
35840a0 Passthrough position attribute on createLabeledScales
a0ab49c Fix barchart for a single data point
d0b5781 allow automated axis padding for "gap" and "no-gap"

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

Sep 18 '21 08:09 snyk-bot