Skip to content

Commit

Permalink
fix: d3-color redos version patch (#331)
Browse files Browse the repository at this point in the history 
overrides the version of d3-color used by d3-scale -> d3-interpolate
to use 3.1.0, which remediates
https://security.snyk.io/vuln/SNYK-JS-D3COLOR-1076592
  • Loading branch information
@emattiza
emattiza committed Dec 5, 2022
1 parent fb23eb3 commit d13a268
Show file tree
Hide file tree
Showing 2 changed files with 8 additions and 5 deletions.
5 changes: 4 additions & 1 deletion package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -138,5 +138,8 @@
"d3-time": "^2.1.1",
"d3-time-format": "^4.1.0",
"ts-toolbelt": "^9.6.0"
},
"resolutions": {
"d3-scale/d3-interpolate/d3-color": "^3.1.0"
}
}
}
8 changes: 4 additions & 4 deletions yarn.lock
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2523,10 +2523,10 @@ d3-array@2, d3-array@^2.12.1, d3-array@^2.3.0:
dependencies:
internmap "1 - 2"

"d3-color@1 - 2":
version "2.0.0"
resolved "https://registry.npmjs.org/d3-color/-/d3-color-2.0.0.tgz"
integrity sha512-SPXi0TSKPD4g9tw0NMZFnR95XVgUZiBH+uUTqQuDu1OsE2zomHU7ho0FISciaPvosimixwHFl3WHLGabv6dDgQ==
"d3-color@1 - 2", d3-color@^3.1.0:
version "3.1.0"
resolved "https://registry.yarnpkg.com/d3-color/-/d3-color-3.1.0.tgz#395b2833dfac71507f12ac2f7af23bf819de24e2"
integrity sha512-zg/chbXyeBtMQ1LbD/WSoW2DpC3I0mpmPdW+ynRTj/x2DAWYrIY7qeZIHidozwV24m4iavr15lNwIwLxRmOxhA==

[email protected]:
version "5.3.0"
Expand Down

0 comments on commit d13a268

Please sign in to comment.