Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

[Snyk] Upgrade: apexcharts, babel-loader, fusioncharts #978

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

Sheitak
Copy link
Owner

@Sheitak Sheitak commented Sep 23, 2024

snyk-top-banner

Snyk has created this PR to upgrade multiple dependencies.

👯‍♂ The following dependencies are linked and will therefore be updated together.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

Name Versions Released on

apexcharts
from 3.19.2 to 3.53.0 | 71 versions ahead of your current version | 24 days ago
on 2024-08-30
babel-loader
from 8.1.0 to 8.3.0 | 7 versions ahead of your current version | 2 years ago
on 2022-11-03
fusioncharts
from 3.15.2 to 3.23.0 | 10 versions ahead of your current version | 6 months ago
on 2024-03-21

Issues fixed by the recommended upgrade:

Issue Score Exploit Maturity
high severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-SEMVER-3247795
490 Proof of Concept
high severity Prototype Pollution
SNYK-JS-AJV-584908
490 No Known Exploit
medium severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-RAMDA-1582370
490 No Known Exploit
medium severity Cross-site Scripting (XSS)
SNYK-JS-APEXCHARTS-1062708
490 Proof of Concept
medium severity Cross-site Scripting (XSS)
SNYK-JS-APEXCHARTS-1300579
490 Proof of Concept
Release notes
Package name: apexcharts
  • 3.53.0 - 2024-08-30

    What's new

    New Property

    New method

    • highlightSeries; In a multi-series chart, call this method to reduce opacity of all other series and only highlight a particular one.

    Enhancements

    • Mousewheel support for zooming; references #960

    Bugfixes

    Announcements

    • End support for IE11.

    New Contributors

    Full Changelog: v3.52.0...v3.53.0

  • 3.52.0 - 2024-08-05

    What's Changed

    • fix #1339; tooltip.enabledOnSeries bugfix in irregular time series
    • fix #4600; show percentage in 100% stacked bar chart
    • fix #4067; incorrect x-axis labels for numeric x-axis for small dataset
    • fixes #4579; heatmap legend color issue
    • feat(ci): added continuous integration tests by @ Sebastian-Webster in #4577
    • Add null checks on gridRect to avoid safari error by @ Nikkitory in #4599

    New Contributors

    Full Changelog: v3.51.0...v3.52.0

  • 3.51.0 - 2024-07-21

    What's Changed

    ✨ More marker shapes

    hswil69ah

    Full Changelog: v3.50.0...v3.51.0

  • 3.50.0 - 2024-07-05

    What's Changed

    • Refactor markers code for generating new markers shapes (plus, cross, line)
    Screenshot 2024-07-05 at 11 27 12 PM

    New Contributors

    Full Changelog: v3.49.2...v3.50.0

  • 3.49.2 - 2024-06-25

    What's Changed

    New Contributors

    Full Changelog: v3.49.1...v3.49.2

  • 3.49.1 - 2024-05-12

    🆕 Enhancements

    basic-slope-chart

    🐞 Bug fixes

    • Fix issue #4216: grid padding calculation to support array of stroke widths, thanks @ veryinsanee
    • Fix heatmap yaxis offset #2033, thanks @ cart-before-horse
    • FIx types (yaxis.seriesName as an Array), thanks @ j2ghz
    • Remove redundant graphics.move() from end of lower rangeArea paths. - thanks @ rosco54
    • Fix #4386; pie chart size issue when given in percentage
    • Fix #3827 - y-axis tooltip value in reversed
    • Fix #4348 - dumbbell chart fix for timescale xaxis
    • Fix #2251 - pie chart dataPointIndex when clicked
    • Fix #4206 - datalabels in timeline chart
    • Revert PR #4240
  • 3.49.0 - 2024-04-21

    🐞 Bug fixes

    • Fix gradient fill glitches for series with nulls - by @ rosco54
    • Fix point annotation still visible when referenced series is collapsed. - by @ rosco54
    • Additional fixes for indexing errors using yaxis-series mappings after - by @ rosco54
    • Fixed Issue #3525. - by @ rosco54
    • added color evaluation function in Bar.js under stroke property - by @ Digvijayrao-KF
    • Radar chart bugfix #4371
    • Update zh-tw.json - by @ iblislin
    • Fixed #4402 by @ rosco54
  • 3.48.0 - 2024-03-19

    🆕 Enhancements

    • Provide a "step before" version of the current "step after" line chart; Fixes #4313
    • Use ShadowRoot getElementById() when in ShadowDOM; Thanks @ cyraid

    🐞 Bug fixes

    • Fixes #4323 (multiple y-axis scale fixes for backward compatibility)
    • Zoomed scale fixes - In zoomed charts, ensure the Y axis scale fits the full min..max range of Y values
    • Fix css nonce attribute
    • Improve grid-rect to prevent bar overflowing on x-axis
    • When chart is type 'bar', ensure reference to zero is maintained
    • Fixes #2757 (annotation overflow)
    • Fixes #3073 (annotation overflow)
    • Fixes #3421 (annotation overflow)
    • Fixes #3553 (annotation overflow)
    • Fixes #4081 (x-axis annotation fix in sparkline)

    Thanks @ rosco54 for multiple y-axis scale fixes

  • 3.47.0 - 2024-03-08

    🆕 Enhancements

    • Map multiple series to the same y-axis scales (in a multi-axes chart) - fixes #4237

    🐞 Bug fixes

    • Area chart gradient drawing glitch; fixes #4271
    • Point annotation fix when y-axis is not present (in case of sparkline or hidden y-axis)
    • When chart is type 'bar', ensure reference to zero is maintained

    Thanks @ rosco54 for y-axis scale improvements

  • 3.46.0 - 2024-02-17

    🆕 Enhancements

    • Improve the y-axis scale tick generation - Thanks @ rosco54
    • Added "+" and "x" markers - Thanks @ MiguelsPizza
    • Add Belarusan cyrilic and latin locale - Thanks @ hrynko

    🐞 Bug fixes

    • Fix #4167 - shadow bug in multi-series chart
    • Fix #4242 - allow labels with Invalid text
  • 3.45.2 - 2024-01-21
  • 3.45.1 - 2023-12-22
  • 3.45.0 - 2023-12-15
  • 3.44.2 - 2023-12-05
  • 3.44.1 - 2023-12-03
  • 3.44.0 - 2023-10-17
  • 3.43.2-0 - 2023-10-12
  • 3.43.0 - 2023-09-30
  • 3.42.0 - 2023-08-25
  • 3.41.1 - 2023-07-31
  • 3.41.0 - 2023-06-07
  • 3.40.0 - 2023-04-30
  • 3.39.0 - 2023-04-16
  • 3.38.0 - 2023-04-14
  • 3.37.3 - 2023-04-02
  • 3.37.2 - 2023-03-21
  • 3.37.1 - 2023-02-22
  • 3.37.0 - 2023-02-04
  • 3.36.3 - 2022-11-05
  • 3.36.2 - 2022-11-05
  • 3.36.1 - 2022-11-03
  • 3.36.0 - 2022-10-12
  • 3.35.5 - 2022-08-22
  • 3.35.4 - 2022-07-25
  • 3.35.3 - 2022-05-25
  • 3.35.2 - 2022-05-08
  • 3.35.1 - 2022-05-07
  • 3.35.0 - 2022-03-31
  • 3.34.0 - 2022-03-29
  • 3.33.2 - 2022-03-02
  • 3.33.1 - 2022-02-08
  • 3.33.0 - 2022-01-11
  • 3.32.1 - 2021-12-23
  • 3.32.0 - 2021-12-06
  • 3.31.0 - 2021-11-28
  • 3.30.0 - 2021-11-13
  • 3.29.0 - 2021-10-10
  • 3.28.3 - 2021-09-16
  • 3.28.2 - 2021-09-16
  • 3.28.1 - 2021-08-24
  • 3.27.3 - 2021-07-22
  • 3.27.2 - 2021-07-07
  • 3.27.1 - 2021-06-06
  • 3.27.0 - 2021-06-06
  • 3.26.3 - 2021-05-18
  • 3.26.2 - 2021-05-09
  • 3.26.1 - 2021-04-18
  • 3.26.0 - 2021-03-15
  • 3.25.0 - 2021-02-14
  • 3.24.0 - 2021-01-30
  • 3.23.1 - 2020-12-29
  • 3.23.0 - 2020-12-15
  • 3.22.3 - 2020-12-06
  • 3.22.2 - 2020-11-08
  • 3.22.1 - 2020-11-01
  • 3.22.0 - 2020-10-03
  • 3.21.0 - 2020-09-20
  • 3.20.2 - 2020-09-10
  • 3.20.1 - 2020-09-08
  • 3.20.0 - 2020-07-31
  • 3.19.3 - 2020-06-26
  • 3.19.2 - 2020-05-19
from apexcharts GitHub release notes
Package name: babel-loader

Snyk has created this PR to upgrade:
  - apexcharts from 3.19.2 to 3.53.0.
    See this package in npm: https://www.npmjs.com/package/apexcharts
  - babel-loader from 8.1.0 to 8.3.0.
    See this package in npm: https://www.npmjs.com/package/babel-loader
  - fusioncharts from 3.15.2 to 3.23.0.
    See this package in npm: https://www.npmjs.com/package/fusioncharts

See this project in Snyk:
https://app.snyk.io/org/sheitak/project/9664de24-130d-4b04-8847-d3ba8c186ef5?utm_source=github&utm_medium=referral&page=upgrade-pr
# for free to join this conversation on GitHub. Already have an account? # to comment