thoughtworks / build-your-own-radar

A library that generates an interactive radar, inspired by https://thoughtworks.com/radar/.

Security vulnerability coming from d3-color versions before v3.1.0.

code21112 opened this issue

Hi,

We're using the radar in a project and we're facing a security vulnerability from d3-color, which is a dependency of the d3-tip package.

It seems that upgrading that package to its version 3.1.0 fixes this issue:
https://security.snyk.io/vuln/SNYK-JS-D3COLOR-1076592

Yet, your code uses previous versions of d3-color (see below, for instance):
https://github.com/thoughtworks/build-your-own-radar/blob/master/package-lock.json#L4812

Are you planning to fix that vulnerability?

Thanks.

Hi @code21112, we have updated the packages to fix the vulnerability issue now. The changes are in the master branch.

Thanks!
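
One way to confirm that no copy of d3-color below 3.1.0 remains in a lockfile, including copies nested under packages such as d3-tip. This is an added example, not part of the thread or the project's code; the function names are hypothetical and the sample lockfile is constructed.

```javascript
// Flags every d3-color copy in a package-lock.json that is below 3.1.0,
// the fixed version named in the issue.
const FIXED = [3, 1, 0];

// Parse "MAJOR.MINOR.PATCH"; pre-release and build suffixes are ignored.
function parseVersion(v) {
  const m = /^(\d+)\.(\d+)\.(\d+)/.exec(String(v));
  return m ? m.slice(1).map(Number) : null;
}

function isBelow(v, floor) {
  for (let i = 0; i < 3; i++) {
    if (v[i] !== floor[i]) return v[i] < floor[i];
  }
  return false;
}

// Returns [{ path, version, vulnerable }] for each locked copy of `name`.
function findPackage(lock, name) {
  const hits = [];
  const record = (path, version) => {
    const v = parseVersion(version);
    // Unparseable versions are flagged so that they get a manual review.
    hits.push({ path, version, vulnerable: v === null || isBelow(v, FIXED) });
  };
  if (lock.packages) {
    // lockfileVersion 2/3: flat map keyed by "node_modules/a/node_modules/b".
    for (const [path, meta] of Object.entries(lock.packages)) {
      const match = path === `node_modules/${name}` || path.endsWith(`/node_modules/${name}`);
      if (match) record(path, meta.version);
    }
  } else {
    // lockfileVersion 1: nested "dependencies" objects.
    const walk = (deps, trail) => {
      for (const [dep, meta] of Object.entries(deps || {})) {
        if (dep === name) record([...trail, dep].join(' > '), meta.version);
        walk(meta.dependencies, [...trail, dep]);
      }
    };
    walk(lock.dependencies, []);
  }
  return hits;
}

// Constructed sample lockfile (not the project's real package-lock.json).
const sampleLock = { dependencies: {
  'd3-color': { version: '3.1.0' },
  'd3-tip': { version: '0.9.1', dependencies: { 'd3-color': { version: '1.4.1' } } },
} };
console.log(findPackage(sampleLock, 'd3-color'));
```

On a real checkout, pass the parsed contents of `package-lock.json` instead of `sampleLock`; `npm ls d3-color` gives the same view from the installed tree.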