
[Snyk] Upgrade echarts from 5.2.2 to 5.5.1 #225

Closed
wants to merge 1 commit into from

Owner

@junior junior commented Jul 26, 2024

This PR was automatically created by Snyk using the credentials of a real user.



Snyk has created this PR to upgrade echarts from 5.2.2 to 5.5.1.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.


  • The recommended version is 21 versions ahead of your current version.

  • The recommended version was released a month ago.

Issues fixed by the recommended upgrade:

| Severity | Issue | Score | Exploit Maturity |
| --- | --- | --- | --- |
| medium severity | Cross-site Scripting (XSS), SNYK-JS-ECHARTS-7300340 | 576 | Proof of Concept |

Release notes
Package name: echarts
  • 5.5.1 - 2024-06-27
    • [Feature] [axis] Support custom axis tick/label positions. #19919 (dvdkon) (Ovilia)
    • [Feature] [bar] Add startValue option. #17078 (jiawulin001)
    • [Feature] [sankey] Add itemStyle.borderRadius option. #19763 (deftliang)
    • [Feature] [time] Add meridian template {a}/{A}. #19888 (maurodesouza)
    • [Feature] [geo] Add totalZoom parameter for the georoam event. #19837 (zhaoxinggang)
    • [Feature] [treemap] Add scaleLimit option to limit the zooming. #18304 (liuyizhou)
    • [Fix] [series] Avoid error caused by seriesData.getLinkedData. #19901 (plainheart)
    • [Fix] [marker] Fix marker label formatter can't get series information. #19898 (plainheart)
    • [Fix] [aria] Avoid error in SSR mode. #19892 (OverflowCat)
    • [Fix] [data] Avoid error when using BigInt values. #19847 (zettca)
    • [Fix] [pie] Fix endAngle is not applied on the empty circle. #19642 (plainheart)
    • [Fix] [toolbox] Fix uncaught reference error in the environment that MouseEvent doesn't exist. #19620 (plainheart)
    • [Fix] [tooltip] Fix tooltip XSS issue when legend name is HTML string. #20045 (plainheart)
    • [Fix] [type] Fix that in users' .d.ts import('echarts/types/dist/shared') can not visit 'echarts/types/dist/shared.d.ts' since v5.5.0. #20030 (100pah)

    New Contributors

  • 5.5.1-rc.1 - 2024-06-20

    Merge pull request #20039 from apache/release-dev

    Release 5.5.1

  • 5.5.0 - 2024-02-18
    • [Break Change] [Feature] [core] change to default ESM package. #19513 (100pah)
    • [Feature] [ssr] server-side rendering and client hydration. #18381 (Ovilia)
    • [Feature] [animation] support multi-level drill-down for universal transition. #17611 (tyn1998)
    • [Feature] [pie] add padAngle option. #19076 (linghaoSu)
    • [Feature] [pie] add endAngle for control pie range. #18820 (linghaoSu)
    • [Feature] [polar] allow setting angleAxis.endAngle. #19099 (yassilah)
    • [Feature] [sampler] add min-max sampler function. #19279 (snukhulov)
    • [Feature] [i18n] add Arabic(AR) translation. #19214 (OthmanAliModaes)
    • [Feature] [i18n] add Dutch(NL) translation. #19252 (tijmenamsing)
    • [Feature] [tooltip] add appendTo option to allow customizing tooltip container. #18436 (viking7982)
    • [Feature] [label] support align for min/max labels. #19228 (Ovilia)
    • [Feature] [pictorialBar] support clip for pictorialBar series. #19197 (Ovilia)
    • [Feature] [tooltip] add dataIndex to valueFormatter callback. #19123 (ChepteaCatalin)
    • [Fix] [toolbox] fix toolbox text can't apply the specified or global font style. #19170 (plainheart)
    • [Fix] [label] fix labelLine default style when normal state not show but other state show. #18800 (linghaoSu)
    • [Fix] [labelLine] fix emphasis.labelLine is not working in pie chart. #19180 (shiersansi)
    • [Fix] [marker] fix markArea position when axis is with alignWithLabel. #19516 (Ovilia)
    • [Fix] [line] fix line may cross in time axis when animation is enabled. #18960 (plainheart)
    • [Fix] [scatter] fix edge scatter may be unexpectedly clipped due to tiny offset. #18867 (plainheart)
    • [Fix] [sunburst] label rotation flipping. #19176 (Ovilia)
    • [Fix] [aria] fix hard-coded series type name translation. #19239 (Ovilia)
    • [Feature] [matrix] allow rotating relative to a point different than the origin. #1034 (ChepteaCatalin)
    • [Fix] [graph] fix force layout iteration timer doesn't stop after disposing the chart. #19514 (plainheart)
    • [Fix] [tooltip] fix potential NPE when the parent node of the tooltip element doesn't exist. #19265 (plainheart)
    • [Fix] [visualMap] fix continuous visualMap mouseover event not register except first continuous visualMap. #19097 (linghaoSu)
    • [Fix] [clip] add an extra space to the clip-path width to prevent unexpected clip. #19056 (RexSkz)
    • [Fix] [dataset] fix multi typed array detection flaw. #19035 (linghaoSu)
    • [Fix] [core] fix potential NPE when reading default init options from global object in dev environment. #19217 (sunpm)
    • [Fix] [i18n] enhance default language fallback. #19107 (ultravires)
    • [Fix] [svg] fix assigning style attribute does not work when CSP is enforced. ecomfe/zrender#1030 (alxnddr)
    • [Fix] [svg] duplicate id for background rect with multiple charts. ecomfe/zrender#1002 (Ovilia)
    • [Fix] [node] make nodejs detection resilient. ecomfe/zrender#1036 (Uzlopak)
    • [Fix] [type] make ellipsis & options of the function truncateText optional. ecomfe/zrender#1047 (plainheart)
    • [Fix] [type] add missing value type string for barMinWidth and barMaxWidth of the bar series. #19424 (zhaxnb)
    • [Feature] [type] export EChartsInitOpts and some Payload types for echarts/core. #19103 (dalenguyen)
    • [Fix] [type] allow nullable value for OptionDataValue. #19111 (avin-kavish)
    • [Fix] [type] add undefined to the return type of graphic.clipRectByRect function. #18950 (benlongo)
    • [Fix] [type] remove duplicate extends at GraphNodeItemOption. #18901 (nenoNaninu)
    • [Refactor] [util] import liftColor function from zrender. #19526 (plainheart)

    New Contributors

  • 5.5.0-rc.2 - 2024-02-04

    Release 5.5.0-rc.2

  • 5.5.0-rc.1 - 2024-01-31

    Release 5.5.0-rc.1

  • 5.4.3 - 2023-07-18
    • [Feature] [axisPointer] Add triggerEmphasis option to disable emphasis. #18524 (juliepagano)
    • [Feature] [sankey] Support trajectory for emphasis state. #17451 (ElayGelbart)
    • [Fix] [sankey] Fix sankey line color 'target'/'source'/'gradient' doesn't work in non-normal state. #18834 (linghaoSu)
    • [Fix] [sankey] Fix value is undefined in label/edgeLabel formatter. #18733 (plainheart)
    • [Fix] [sunburst] Fix sunburst label may rotate when labelLayout.hideOverlap is enabled. #18808 (linghaoSu)
    • [Fix] [graph] Fix graph chart can't be hidden by legend due to edgeLabel NPE. #18624 (plainheart)
    • [Fix] [state] Fix focus self doesn't work when item emphasis by other component. #18511 (linghaoSu)
    • [Fix] [axis] Fix last tick doesn't show for single data. #18469 (Ovilia)
    • [Fix] [pie] Fix incorrect response area of pie piece when selectedOffset is enabled and animation is disabled. #1011 (plainheart)
    • [Fix] [custom] Fix user-defined info property was not available in the event handler. #18400 (sobolewsk)
    • [Fix] [legend] Inherit legend rich text color from legend's options. #18260 (ChepteaCatalin)
    • [Fix] [label] Fix ellipsis was not working. #18525 (Ovilia)
    • [Fix] [label] Fix endLabel fails with null data. #18841 (Ovilia)
    • [Fix] [util] Fix {yy} pattern has no zero padding in time format util. #18535 (linghaoSu)
    • [Fix] [api] Only deprecate disConnect but not disconnect. #18758 (Justineo)
    • [Fix] [i18n] Fix the abbr of "March" for the DE language ("Mar" -> "Mrz"). #18387 (Stebeber)
    • [Fix] [type] Fix wrong type for data item value of the parallel series. #18425 (ManishDait)
    • [Fix] [type] Allow passing null to the parameters of init function. #18575 (zhuscat)
  • 5.4.3-rc.1 - 2023-07-14

    Release 5.4.3-rc.1

  • 5.4.2 - 2023-03-23
    • [Feature] [bar] Support borderRadius for polar bar and its background. #17995 (Ovilia)
    • [Feature] [i18n] Add Turkish(tr_TR) translation. #18012 (partitect)
    • [Feature] [i18n] Add Vietnamese(vi_VN) translation. #18279 (nghiepdev)
    • [Fix] [bar] Polar bar animation should start from r0 rather than 0. #17997 (Ovilia)
    • [Fix] [marker] Fix abnormal range of markArea in bar series. #18229 (Ovilia)
    • [Fix] [line] Fix labels don't show in line series when ssr is enabled. #18032 (plainheart)
    • [Fix] [svg] Fix defined CSS doesn't work due to unexpected encoding for style tag. #982 (plainheart)
    • [Fix] [sunburst] Fix labels might upside down in radial layout. #18240 (susiwen8)
    • [Fix] [dataset] Fix chart can't render when using object array and object item contains a property named length. #18276 (susiwen8)
    • [Fix] [tooltip] Fix tooltip still disappears after leaving the tooltip even if alwaysShowContent was enabled. #18221 (jianghaoran116)
    • [Fix] [text] Charsets like Cyrillic should break word the same as Latin. #973 (Ovilia)
    • [Fix] [type] Add missing treePathInfo property into sunburst formatter callback and add missing data option into SunburstSeriesOption. #18310 (plainheart)
    • [Fix] [type] Add missing callback function type for the symbol option of tree series. #18070 (ChepteaCatalin)
  • 5.4.2-rc.1 - 2023-03-17

    Release 5.4.2-rc.1

  • 5.4.1 - 2022-12-09
  • 5.4.1-rc.1 - 2022-12-02
  • 5.4.0 - 2022-09-25
  • 5.4.0-rc.1 - 2022-09-13
  • 5.3.3 - 2022-06-14
  • 5.3.3-rc.1 - 2022-06-10
  • 5.3.2 - 2022-04-01
  • 5.3.2-rc.1 - 2022-03-28
  • 5.3.1 - 2022-03-07
  • 5.3.1-rc.1 - 2022-03-04
  • 5.3.0 - 2022-01-26
  • 5.3.0-rc.1 - 2022-01-23
  • 5.2.2 - 2021-11-01
from echarts GitHub release notes

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • This PR was automatically created by Snyk using the credentials of a real user.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:


See this package in npm:
echarts

See this project in Snyk:
https://app.snyk.io/org/junior-n9m/project/ba492758-f57a-40ee-8148-094c8920173e?utm_source=github&utm_medium=referral&page=upgrade-pr

Marking this PR stale since there has been no activity for 14 days. It will be closed if there is no activity for another 10 days.

@github-actions github-actions bot added the stale label Aug 10, 2024

This PR has been closed for no activity in 25 days

@github-actions github-actions bot closed this Aug 20, 2024