Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

NPM Audit Issues #100

Open
rhalaly opened this issue Oct 25, 2022 · 3 comments
Open

NPM Audit Issues #100

rhalaly opened this issue Oct 25, 2022 · 3 comments

Comments

@rhalaly
Copy link

rhalaly commented Oct 25, 2022

There are npm audit issues in this package related to d3-color:

The d3-color module provides representations for various color spaces in the browser. Versions prior to 3.1.0 are vulnerable to a Regular expression Denial of Service. This issue has been patched in version 3.1.0. There are no known workarounds.
@fresheneesz
Copy link

fresheneesz commented May 24, 2023
edited
Loading

To solve this issue, three dependencies need to be updated:

  • d3-scale needs to be updated to v4+,
  • d3-scale-chromatic and d3-transition need to be updated to v3+.

@aschonfeld
Copy link

It doesn't appear that this package is maintained anymore. It's a great package. I'm not sure whether I want to fork it with @fresheneesz updates or if anyone knows of a good alternative package?

@p-pych
Copy link

p-pych commented Nov 8, 2023

If someone else stumble upon issues with outdated d3 dependencies. Please feel free to use https://www.npmjs.com/package/react-wordcloud-d3-update-fork

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@fresheneesz @rhalaly @aschonfeld @p-pych