[Snyk] Fix for 1 vulnerabilities

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • superset-frontend/package.json
  • superset-frontend/package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	551/1000 Why? Recently disclosed, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-D3COLOR-1076592	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: d3-color

The new version differs by 44 commits.

• 611e1c3 3.0.0
• 4c2be7e Adopt type=module ([Snyk] Security upgrade aiohttp from 3.7.2 to 3.7.4 #90)
• 017a463 v2.0.0
• 7de7354 Merge pull request build(deps): bump @actions/core from 1.2.4 to 1.2.6 in /.github/actions/cached-dependencies #75 from d3/two
• 0ecd740 v2.0.0-rc.1
• 0eb9594 Merge pull request build(deps): bump lodash from 4.17.15 to 4.17.20 in /.github/actions/cached-dependencies #76 from d3/radians
• cc0a51b Merge pull request [Snyk] Security upgrade py from 1.9.0 to 1.10.0 #77 from d3/document-extensions
• fd23843 document extensions
• d86e36b link to https://d3js.org/d3-color.v2.min.js
• c1b93f1 normalize "degrees" and "radians" for deg2rad conversions
• 693572b deliberate ES6 syntax
• e87dc62 1.4.1
• f176ff1 Fix hexadecimal transparent colors.
• df60378 Add link to d3-hsluv.
• acf4da1 Bump eslint-utils from 1.4.0 to 1.4.3
• 0b12fa0 1.4.0
• d0a60ee Add sideEffects: false. Related Add sideEffects: false to package.json.  d3/d3#3131.
• fd380cd Consolidate code.
• 6d5e89c fix test name
• 39f06c9 clean up
• 69f8382 Update README.md
• 7a4982b Add support for 4 and 8 digit hex codes
• bff4aa3 Update README.
• 1a9e612 Update README.

See the full diff

Package name: d3-scale

The new version differs by 145 commits.

• f7cb35b 4.0.0
• 120ad7a adopt InternMap for ordinal scales (chore(deps): bump terser from 4.6.3 to 4.8.1 in /superset-frontend #237)
• ac30873 Adopt type=module (chore(deps-dev): bump @typescript-eslint/parser from 4.19.0 to 5.32.0 in /superset-websocket #246)
• 2b7db62 3.3.0
• f3cfd2c update dependencies
• 80ff9b2 adopt d3-time’s ticks
• 8afe6bd 3.2.4
• 60e10c4 update dependencies
• 116ac06 Treat null as undefined. (chore: fix alt image issue #241)
• c7efc99 3.2.3
• 5d3e9c3 Update d3-array.
• 1ff6522 yarn
• 957482b Update tickFormat.js
• 42d546e scaleQuantile performance fixup
• 0a427eb time_copy is part of the API but was missing from the README
• 1dd3f5a Merge pull request chore(deps): bump got from 11.8.3 to 11.8.5 in /superset-frontend/cypress-base #219 from d3/links-v6
• 8460207 v3.2.2
• 6169111 d3 dependencies
• 0a55cc8 Merge pull request chore(deps): bump react-json-tree from 0.11.2 to 0.16.2 in /superset-frontend #210 from domoritz/fix-nice
• 5046251 links to d3@6 versions
• d0a2fe4 fix documentation: the diverging scale's default domain is [0, 0.5, 1]
• da99948 Use var
• 0932d15 Merge pull request [Snyk] Security upgrade sqlparse from 0.3.0 to 0.4.2 #211 from oluckyman/patch-1
• 2751067 Fix a typo

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

[codecov-commenter]

Codecov Report

Merging #114 (41b7256) into master (9ed8ce5) will decrease coverage by 0.22%.
The diff coverage is n/a.

@@            Coverage Diff             @@
##           master     #114      +/-   ##
==========================================
- Coverage   76.95%   76.72%   -0.23%     
==========================================
  Files         976      976              
  Lines       51326    51326              
  Branches     6912     6912              
==========================================
- Hits        39496    39380     -116     
- Misses      11609    11725     +116     
  Partials      221      221              

Flag	Coverage Δ
hive	?
javascript	71.40% <ø> (ø)
mysql	81.56% <ø> (ø)
postgres	81.58% <ø> (ø)
presto	?
python	81.67% <ø> (-0.44%)	⬇️
sqlite	81.19% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

Impacted Files	Coverage Δ
superset/db_engines/hive.py	0.00% <0.00%> (-82.15%)	⬇️
superset/db_engine_specs/hive.py	69.44% <0.00%> (-17.07%)	⬇️
superset/db_engine_specs/presto.py	83.36% <0.00%> (-6.53%)	⬇️
superset/views/database/mixins.py	81.03% <0.00%> (-1.73%)	⬇️
superset/connectors/sqla/models.py	88.26% <0.00%> (-1.65%)	⬇️
superset/db_engine_specs/base.py	88.14% <0.00%> (-0.40%)	⬇️
superset/models/core.py	89.76% <0.00%> (-0.27%)	⬇️
superset/utils/core.py	88.97% <0.00%> (-0.13%)	⬇️

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 9ed8ce5...41b7256. Read the comment docs.