[Snyk] Security upgrade @swimlane/ngx-charts from 20.1.2 to 20.4.1
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this Merge Request
- Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- frontend/src/main/frontend/package.json
Vulnerabilities that will be fixed
With an upgrade:
Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity |
---|---|---|---|---|
586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3 |
Regular Expression Denial of Service (ReDoS) SNYK-JS-D3COLOR-1076592 |
No | Proof of Concept |
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: @swimlane/ngx-charts
The new version differs by 10 commits.- 3a74ae9 fix: unwanted package-lock.json in lib
- c04103c fix: correct package-lock for the lib
- e6ff8d0 (release): 20.4.1
- be4498d release: (20.4.0) (#1872)
- 694f507 Bump d3 packages to latest version (#1836)
- efc46d6 (release): 20.3.1 (#1868)
- 26974e8 fix: in SSR mode avoid label cut off (#1867)
- 66c1207 release: (20.3.0) (#1864)
- b5b0230 feat: Wrap ticks (#1863)
- 5538c39 (release): 20.1.2 (#1824)
Check the changes in this Merge Request to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information: 🧐 View latest project report
Learn how to fix vulnerabilities with free interactive lessons: