[Snyk] Upgrade d3 from 5.16.0 to 7.8.5

[Jircs1]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade d3 from 5.16.0 to 7.8.5.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

Warning: This is a major version upgrade, and may be a breaking change.

• The recommended version is 42 versions ahead of your current version.
• The recommended version was released 10 months ago, on 2023-06-03.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Regular Expression Denial of Service (ReDoS) SNYK-JS-D3COLOR-1076592	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: d3

• 7.8.5 - 2023-06-03
  
  • Fix the return value of d3.medianIndex and d3.quantileIndex when the data contains missing values. #275
• 7.8.4 - 2023-04-01
  
  • Fix circumcenters when the hull is collinear. d3/d3-delaunay#142
• 7.8.3 - 2023-03-25
  
  • Fix precision error calculating voronoi.neighbors. d3/d3-delaunay#138 d3/d3-delaunay#139
  • Fix broken polygon. d3/d3-delaunay#140
  • Fix threshold generation when input is empty or has no deviation. d3/d3-array#271
• 7.8.2 - 2023-01-18
  
  • d3.ticks now tries harder to generate at least one tick. d3/d3-array#264
• 7.8.1 - 2023-01-11
  
  • Tolerate invalid input values when generating contours. #61
  • Tolerate invalid input weights when generating density contours. #65
  • Fix missing contours at extrema when using default thresholds. #68
• 7.8.0 - 2022-12-20
  
  • Add d3.pathRound.
  • Add configurable precision when generating path data via path.digits.
  • Add likewise shape.digits method to d3.arc, d3.area, d3.line, d3.link, and d3.symbol.
  • Improve the performance of d3.geoPath’s string concatenation.
  • Fix arc rendering for small arcs with rounded corners.
  • Fix BumpRadial implementation to support multiple points.
  • Fix projection when lambda is outside the range ±3π.
  • Rename d3.symbolX to d3.symbolTimes; d3.symbolX is now deprecated.
• 7.7.0 - 2022-12-03
  
  • Add d3.unixDay and d3.unixDays. d3/d3-time#58
  • Adopt d3.unixDay in place of d3.utcDay for d3.utcTicks to ensure uniform tick spacing.
  • Fix mutation of user-owned thresholds in d3.bin. d3/d3-array#263
  • Fix infinite loop when d3.quantile or d3.quickselect is called with invalid arguments. d3/d3-array#262
• 7.6.1 - 2022-07-03
  
  • density.bandwidth now supports fractional (non-integer) values.
• 7.6.0 - 2022-07-03
  
  • Add d3.blur.
  • Add d3.blur2.
  • Add d3.blurImage.
  • Add d3.medianIndex.
  • Add d3.quantileIndex.
• 7.5.0 - 2022-06-26
  
  • Add density.contours.
• 7.4.5 - 2022-06-24
• 7.4.4 - 2022-04-11
• 7.4.3 - 2022-04-07
• 7.4.2 - 2022-04-03
• 7.4.1 - 2022-04-02
• 7.4.0 - 2022-03-28
• 7.3.0 - 2022-01-07
• 7.2.1 - 2021-12-10
• 7.2.0 - 2021-12-04
• 7.1.1 - 2021-10-03
• 7.1.0 - 2021-10-01
• 7.0.4 - 2021-09-24
• 7.0.3 - 2021-09-20
• 7.0.2 - 2021-09-19
• 7.0.1 - 2021-08-16
• 7.0.0 - 2021-06-11
• 6.7.0 - 2021-04-16
• 6.6.2 - 2021-03-29
• 6.6.1 - 2021-03-24
• 6.6.0 - 2021-03-10
• 6.5.0 - 2021-01-25
• 6.4.0 - 2021-01-22
• 6.3.1 - 2020-12-08
• 6.3.0 - 2020-12-03
• 6.2.0 - 2020-09-23
• 6.1.1 - 2020-08-31
• 6.1.0 - 2020-08-29
• 6.0.0 - 2020-08-26
• 6.0.0-rc.4 - 2020-08-23
• 6.0.0-rc.3 - 2020-08-05
• 6.0.0-rc.2 - 2020-07-31
• 6.0.0-rc.1 - 2020-07-28
• 5.16.0 - 2020-04-20

from d3 GitHub release notes

Commit messages

Package name: d3

• d6f9341 7.8.5
• 9a54862 d3-array 3.2.4
• 37b1960 7.8.4
• 9160c16 d3-delaunay 6.0.4
• a703a6d 7.8.3
• 604483b d3-array 3.2.3, d3-delaunay 6.0.3
• 0713d54 7.8.2
• 06e5d41 d3-array 3.2.2
• f7ad8e3 7.8.1
• 8d2a956 d3-contour 4.0.2
• 73ed925 7.8.0
• a8a664c drop rollup-plugin-ascii
• 4b62ad3 d3-geo 3.1.0, d3-path 3.1.0, d3-shape 3.2.0
• 7c240e8 jsDelivr, not Skypack
• 33a4148 7.7.0
• c4e728c d3-array 3.2.1, d3-time 3.1.0
• 19302a5 7.6.1
• c1c2c0b d3-contour 4.0.0
• 795f203 7.6.0
• 22f1dc7 d3-array 3.2.0
• d618835 7.5.0
• d9f58e1 d3-contour 3.1.0
• 6d70571 7.4.5
• 7e9eba3 d3-contour 3.0.2

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

[socket-security]

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher

🚮 Removed packages: npm/diff@5.2.0, npm/fastest-levenshtein@1.0.16, npm/glob@10.3.10, npm/graceful-fs@4.2.11, npm/hosted-git-info@7.0.1, npm/ini@4.1.2, npm/init-package-json@6.0.2, npm/is-cidr@5.0.3, npm/json-parse-even-better-errors@3.0.1, npm/libnpmaccess@8.0.2, npm/libnpmdiff@6.0.7, npm/libnpmexec@7.0.8, npm/libnpmfund@5.0.5, npm/libnpmhook@10.0.1, npm/libnpmorg@6.0.2, npm/libnpmpack@6.0.7, npm/libnpmpublish@9.0.4, npm/libnpmsearch@7.0.1, npm/libnpmteam@6.0.1, npm/libnpmversion@5.0.2, npm/licensee@10.0.0, npm/make-fetch-happen@13.0.0, npm/minimatch@9.0.3, npm/minipass-pipeline@1.2.4, npm/ms@2.1.3, npm/nock@13.5.4, npm/node-gyp@10.0.1, npm/nopt@7.2.0, npm/normalize-package-data@6.0.0, npm/npm-audit-report@5.0.0, npm/npm-install-checks@6.3.0, npm/npm-package-arg@11.0.1, npm/npm-packlist@8.0.2, npm/npm-pick-manifest@9.0.0, npm/npm-profile@9.0.0, npm/npm-registry-fetch@16.1.0, npm/npm-user-validate@2.0.0, npm/npmlog@7.0.1, npm/p-map@4.0.0, npm/pacote@17.0.6, npm/parse-conflict-json@3.0.1, npm/proc-log@3.0.0, npm/read@2.1.0, npm/remark-gfm@3.0.1, npm/remark-github@11.2.4, npm/remark@14.0.3, npm/semver@7.6.0, npm/spawk@1.8.1, npm/spdx-expression-parse@3.0.1, npm/strip-ansi@7.1.0, npm/supports-color@9.4.0, npm/tap@16.3.10, npm/tar@6.2.0, npm/tiny-relative-date@1.3.0, npm/treeverse@3.0.0, npm/validate-npm-package-name@5.0.0, npm/which@4.0.0, npm/write-file-atomic@5.0.1

View full report↗︎