Bump d3-color and vega

[dependabot[bot]]

Bumps d3-color to 3.1.0 and updates ancestor dependency vega. These dependencies need to be updated together.

Updates d3-color from 1.2.3 to 3.1.0

Release notes

Sourced from d3-color's releases.

v3.1.0

• Add rgb.clamp and hsl.clamp. #102
• Add color.formatHex8. #103
• Fix color.formatHsl to clamp values to the expected range. #83
• Fix catastrophic backtracking when parsing colors. #89 #97 #99 #100 SNYK-JS-D3COLOR-1076592

v3.0.1

• Make build reproducible.

v3.0.0

• Adopt type: module.

This package now requires Node.js 12 or higher. For more, please read Sindre Sorhus’s FAQ.

v2.0.0

This release adopts ES2015 language features such as for-of and drops support for older browsers, including IE. If you need to support pre-ES2015 environments, you should stick with d3-color 1.x or use a transpiler.

v1.4.1

• Fix parsing of 4- and 8-digit hexadecimal transparent colors. #52

v1.4.0

• Add support for parsing 4- and 8-digit hexadecimal colors. #60 Thanks, @​zerovox!
• Add sideEffects: false to the package.json.

v1.3.0

• Add color.copy.
• Add color.formatHex.
• Add color.formatHsl.
• Add color.formatRgb.
• Deprecate color.hex; use color.formatHex instead.

v1.2.8

• Revert chroma clamping in hcl.toString. (#33)

v1.2.7

• Account for rounding when determining whether a color is displayable.

v1.2.6

• Implement chroma clamping in hcl.toString. (#33)
• Fix achromatic representation of white in HCL colorspace (again).

v1.2.5

• Fix achromatic representation of white in HCL colorspace.

v1.2.4

• Fix achromatic representation of black and white in HCL colorspace.

Commits

• 7a1573e 3.1.0
• 75c19c4 update LICENSE
• ef94e01 update dependencies
• 5e9f757 method shorthand
• e4bc34e formatHex8 (#103)
• ac660c6 {rgb,hsl}.clamp() (#102)
• 70e3a04 clamp HSL format (#101)
• 994d8fd avoid backtracking (#100)
• 7d61bbe 3.0.1
• 93bc4ff related d3/d33; extract copyrights from LICENSE
• Additional commits viewable in compare view

Updates vega from 5.4.0 to 5.22.1

Release notes

Sourced from vega's releases.

v5.22.1

Changes from v5.22.0:

monorepo

• Update dependencies.

vega-scenegraph

• Fix SVG path parser null check. (#3451).

v5.22.0

Changes from v5.21.0:

docs

• Add Packed Bubble Chart example. (thanks @​PBI-David!)
• Improve TimeUnit transform documentation.

monorepo

• Update dependencies, including D3 ESM packages.
• Update rollup config to bundle ESM packages for CJS use.
• Update tests to match new dependencies.
• Bump minor version numbers for all affected modules.

vega-functions

• Add lasso selection expression functions. (thanks @​dvmoritzschoefl!)
• Suppress unsupported expression function arguments.

vega-label

• Fix to not assume that a label always has some part inside the chart's bounding box. (thanks @​chanwutk!)

vega-scenegraph

• Fix SVG path close logic. (#3377)
• Fix SVG renderer dirty check. (#3411).
• Fix SVG path string parser, update tests. (#3432)
• Fix SVG mix-blend-mode to use style attribute. (#3435)

vega-selections

• Optimize selection functions for ID-only stores. (thanks @​arvind!)

vega-transforms

• Fix TimeUnit transform updates.

... (truncated)

Commits

• 7eafbbd chore: Update yarn.lock.
• 31436d8 docs: Update docs build files.
• 2fbad57 chore: Bump dependencies and version numbers.
• b46de50 chore: Update CI workflow.
• 3fb45ff fix: Add SVG path parser null check. (#3451).
• 9a3faca docs: Update docs build files.
• 1f822a4 chore: Refine Vega index file.
• 03e41f7 chore: Merge conflicts.
• 9abea1a docs: Fix name of packed bubble chart spec.
• 598faea docs: Fix name of packed bubble chart spec.
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/plotly/dash-alternative-viz/network/alerts).