[Snyk] Security upgrade frappe-charts from 0.0.8 to 1.5.5 - Githubissues

brunobesson / c2c-stats

https://brunobesson.github.io/c2c-stats/

GNU Affero General Public License v3.0

0 stars 0 forks source link

[Snyk] Security upgrade frappe-charts from 0.0.8 to 1.5.5 #96

Open snyk-bot opened 3 years ago

snyk-bot commented 3 years ago

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

merge advice

Changes included in this PR

Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	566/1000 Why? Recently disclosed, Has a fix available, CVSS 5.6	Cross-site Scripting (XSS) SNYK-JS-FRAPPECHARTS-1044066	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: frappe-charts

The new version differs by 250 commits.

ecfc069 chore: bump to 1.5.5
d5706a5 Merge pull request #315 from 418sec/1-npm-frappe-charts
6fce4d6 chore: bump to 1.5.4
e04b8f7 Merge pull request #311 from ading-be/#310
1547a85 Merge branch 'master' into #310
2fb0609 Merge pull request #1 from arjunshibu/master
d071573 added XSS protection for datasets.name field
92a3df9 chore: bump to 1.5.3 and update build
25122f9 chore: update yarn lock
d112378 fix: rounding precision errors in aggregation chart legend
c5de1fd - Fix tests
cf7ffa0 - Fix build on backwards compatibility tooltipOptions
b552cde - Build
869c747 - Adjust getColor to support RGB (TODO: HSL colors)
f644e19 Merge pull request #309 from SaiFi0102/AggregateChart-Formatter
cec719d fix(AggregationChart): Formatter not being applied
f59de5f chore: update readme
6e687cd Merge pull request #306 from silvestrevivo/master
55c93d4 reverse array when maxValue < absMinValue
2572e31 chore: bump to 1.5.2 🎉
222cbb6 fix: preprocess rect attributes before creating bar
773f93c fix: set default translate to 0 if invalid
9d03d50 feat: added helper to valid number to svg attributes
d6c33a1 chore: update build

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic