NPM Audit Issues
rhalaly opened this issue · comments
Raz Halaly commented
There are npm audit
issues in this package related to d3-color
:
The d3-color module provides representations for various color spaces in the browser. Versions prior to 3.1.0 are vulnerable to a Regular expression Denial of Service. This issue has been patched in version 3.1.0. There are no known workarounds.
Billy commented
To solve this issue, three dependencies need to be updated:
- d3-scale needs to be updated to v4+,
- d3-scale-chromatic and d3-transition need to be updated to v3+.
Andrew Schonfeld commented
It doesn't appear that this package is maintained anymore. It's a great package. I'm not sure whether I want to fork it with @fresheneesz updates or if anyone knows of a good alternative package?