Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore: upgrade d3-color and d3-scale-chromatic #2466

Merged
merged 1 commit into from
Feb 22, 2024
Merged

Conversation

icco
Copy link
Contributor

@icco icco commented Nov 20, 2023

Done to match other packages

Copy link

vercel bot commented Nov 20, 2023

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Comments Updated (UTC)
nivo ✅ Ready (Inspect) Visit Preview 💬 Add feedback Jan 3, 2024 10:08pm

@OleksandrRakovets
Copy link
Contributor

@icco Can you please update pnpm-lock.yaml as well, so tests could show whether updated versions would work?

Looking forward to this shipped as minor to resolve the vulnerabilities.

@icco
Copy link
Contributor Author

icco commented Jan 3, 2024

@OleksandrRakovets I haven't used pnpm before, but ran pnpm install and pushed the diff

Copy link

codesandbox-ci bot commented Jan 3, 2024

This pull request is automatically built and testable in CodeSandbox.

To see build info of the built libraries, click here or the icon next to each commit SHA.

Latest deployment of this branch, based on commit 67c3056:

Sandbox Source
nivo Configuration

@jclarkcisco
Copy link

Looks good. Can we get this in and make everyone's scans happy again, please? :)

@RicardoAALL
Copy link

@plouc any chance of getting this merged?

@plouc
Copy link
Owner

plouc commented Jan 30, 2024

The version bumps look OK, however the lock file has 25,722 additions, 34,184 deletions which doesn't seem right.

@sebastianarena
Copy link

+1 to this! please merge!

@srubio131
Copy link

srubio131 commented Feb 20, 2024

As a temporary solution and in order not to have to wait for dependency updates, you can use overrides to force a particular version of d3-color to be used in your project.

package.json
... "resolutions": { "d3-color": "3.0.0" } ...

Note: Yarn has "resolutions" and pnpm "overrides" too, and works in a similar way

@icco
Copy link
Contributor Author

icco commented Feb 21, 2024

The version bumps look OK, however the lock file has 25,722 additions, 34,184 deletions which doesn't seem right.

@plouc I just ran the default pnpm install command. What's the correct way to generate this lock file?

@BruceHubbard
Copy link

I pulled down the branch to see why it had that many changes in the lock file and 98% of the changes are whitespace. It looks like the lockfile that is in master uses 4 spaces to indent and this PR instead uses 2 spaces to indent. When I look at the diff using git diff -w it cuts down on the changes quite a bit but there is still stuff like this that shows up:

It's moving the react specifier a LOT of times from 18.2.0 to >= 16.14.0 < 19.0.0:

       react:
-                specifier: 18.2.0
+        specifier: '>= 16.14.0 < 19.0.0'
         version: 18.2.0

It's changing the spacing of a LOT integrity fields:

   /@alloc/[email protected]:
-        resolution:
-            {
-                integrity: sha512-UrcABB+4bUrFABwbluTIBErXwvbsU/V7TZWfmbgJfbkwiBuziS9gxdODUyuiecfdGQ85jglMW6juS3+z5TsKLw==,
-            }
+    resolution: {integrity: sha512-UrcABB+4bUrFABwbluTIBErXwvbsU/V7TZWfmbgJfbkwiBuziS9gxdODUyuiecfdGQ85jglMW6juS3+z5TsKLw==}

I verified this behavior by pulling down the PR branch, replacing the lock file with the one from master, making sure I'm using [email protected] (as specified in the package.json), and then rerunning make init. I ended up with the same lockfile as this PR. Is there a different version of pnpm that doesn't change the whitespace as much? Or some kind of setting for it?

@plouc
Copy link
Owner

plouc commented Feb 22, 2024

@BruceHubbard, thank you for checking, I tried myself and got the same result, not sure why though, but those changes should be fine then, and the specifier field is aligned with what's defined in the packages. So LGTM, and thank you for the contribution @icco!

@plouc plouc merged commit c741a88 into plouc:master Feb 22, 2024
5 checks passed
@icco icco deleted the patch-1 branch February 22, 2024 01:32
sebald referenced this pull request in sebald/pattern-analyzer Mar 10, 2024
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| [@nivo/axes](https://togithub.com/plouc/nivo)
([source](https://togithub.com/plouc/nivo/tree/HEAD/packages/axes)) |
[`0.84.0` ->
`0.85.1`](https://renovatebot.com/diffs/npm/@nivo%2faxes/0.84.0/0.85.1)
|
[![age](https://developer.mend.io/api/mc/badges/age/npm/@nivo%2faxes/0.85.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/npm/@nivo%2faxes/0.85.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/npm/@nivo%2faxes/0.84.0/0.85.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/@nivo%2faxes/0.84.0/0.85.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
| [@nivo/bar](https://togithub.com/plouc/nivo)
([source](https://togithub.com/plouc/nivo/tree/HEAD/packages/bar)) |
[`0.84.0` ->
`0.85.1`](https://renovatebot.com/diffs/npm/@nivo%2fbar/0.84.0/0.85.1) |
[![age](https://developer.mend.io/api/mc/badges/age/npm/@nivo%2fbar/0.85.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/npm/@nivo%2fbar/0.85.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/npm/@nivo%2fbar/0.84.0/0.85.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/@nivo%2fbar/0.84.0/0.85.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
| [@nivo/core](https://togithub.com/plouc/nivo)
([source](https://togithub.com/plouc/nivo/tree/HEAD/packages/core)) |
[`0.84.0` ->
`0.85.1`](https://renovatebot.com/diffs/npm/@nivo%2fcore/0.84.0/0.85.1)
|
[![age](https://developer.mend.io/api/mc/badges/age/npm/@nivo%2fcore/0.85.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/npm/@nivo%2fcore/0.85.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/npm/@nivo%2fcore/0.84.0/0.85.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/@nivo%2fcore/0.84.0/0.85.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
| [@nivo/line](https://togithub.com/plouc/nivo)
([source](https://togithub.com/plouc/nivo/tree/HEAD/packages/line)) |
[`0.84.0` ->
`0.85.1`](https://renovatebot.com/diffs/npm/@nivo%2fline/0.84.0/0.85.1)
|
[![age](https://developer.mend.io/api/mc/badges/age/npm/@nivo%2fline/0.85.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/npm/@nivo%2fline/0.85.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/npm/@nivo%2fline/0.84.0/0.85.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/@nivo%2fline/0.84.0/0.85.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
| [@nivo/pie](https://togithub.com/plouc/nivo)
([source](https://togithub.com/plouc/nivo/tree/HEAD/packages/pie)) |
[`0.84.0` ->
`0.85.1`](https://renovatebot.com/diffs/npm/@nivo%2fpie/0.84.0/0.85.1) |
[![age](https://developer.mend.io/api/mc/badges/age/npm/@nivo%2fpie/0.85.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/npm/@nivo%2fpie/0.85.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/npm/@nivo%2fpie/0.84.0/0.85.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/@nivo%2fpie/0.84.0/0.85.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
| [@nivo/scatterplot](https://togithub.com/plouc/nivo)
([source](https://togithub.com/plouc/nivo/tree/HEAD/packages/scatterplot))
| [`^0.84.0` ->
`^0.85.0`](https://renovatebot.com/diffs/npm/@nivo%2fscatterplot/0.84.0/0.85.1)
|
[![age](https://developer.mend.io/api/mc/badges/age/npm/@nivo%2fscatterplot/0.85.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/npm/@nivo%2fscatterplot/0.85.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/npm/@nivo%2fscatterplot/0.84.0/0.85.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/@nivo%2fscatterplot/0.84.0/0.85.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
| [@nivo/swarmplot](https://togithub.com/plouc/nivo)
([source](https://togithub.com/plouc/nivo/tree/HEAD/packages/swarmplot))
| [`^0.84.0` ->
`^0.85.0`](https://renovatebot.com/diffs/npm/@nivo%2fswarmplot/0.84.0/0.85.1)
|
[![age](https://developer.mend.io/api/mc/badges/age/npm/@nivo%2fswarmplot/0.85.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/npm/@nivo%2fswarmplot/0.85.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/npm/@nivo%2fswarmplot/0.84.0/0.85.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/@nivo%2fswarmplot/0.84.0/0.85.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|

---

### Release Notes

<details>
<summary>plouc/nivo (@&#8203;nivo/axes)</summary>

### [`v0.85.1`](https://togithub.com/plouc/nivo/releases/tag/v0.85.1)

[Compare
Source](https://togithub.com/plouc/nivo/compare/v0.85.0...v0.85.1)

#### What's Changed

- Tooltip: avoid a flash effect and weird initial transition by
[@&#8203;DimaAmega](https://togithub.com/DimaAmega) in
[https://github.com/plouc/nivo/pull/2480](https://togithub.com/plouc/nivo/pull/2480)
- feat(deps): upgrade d3-scale due to vulnerability by
[@&#8203;plouc](https://togithub.com/plouc) in
[https://github.com/plouc/nivo/pull/2531](https://togithub.com/plouc/nivo/pull/2531)

#### New Contributors

- [@&#8203;DimaAmega](https://togithub.com/DimaAmega) made their first
contribution in
[https://github.com/plouc/nivo/pull/2480](https://togithub.com/plouc/nivo/pull/2480)

**Full Changelog**:
plouc/nivo@v0.85.0...v0.85.1

### [`v0.85.0`](https://togithub.com/plouc/nivo/releases/tag/v0.85.0)

[Compare
Source](https://togithub.com/plouc/nivo/compare/v0.84.0...v0.85.0)

#### What's Changed

- refactor default props to fix error message by
[@&#8203;andre19980](https://togithub.com/andre19980) in
[https://github.com/plouc/nivo/pull/2452](https://togithub.com/plouc/nivo/pull/2452)
- fix(sankey): update onClick types in sankey chart to respect generics
by [@&#8203;stas-demydiuk](https://togithub.com/stas-demydiuk) in
[https://github.com/plouc/nivo/pull/2509](https://togithub.com/plouc/nivo/pull/2509)
- chore: upgrade d3-color and d3-scale-chromatic by
[@&#8203;icco](https://togithub.com/icco) in
[https://github.com/plouc/nivo/pull/2466](https://togithub.com/plouc/nivo/pull/2466)
- Fix: add initial property for truncateTickAt by
[@&#8203;scalabw](https://togithub.com/scalabw) in
[https://github.com/plouc/nivo/pull/2504](https://togithub.com/plouc/nivo/pull/2504)
- fix tooltip default color by
[@&#8203;scalabw](https://togithub.com/scalabw) in
[https://github.com/plouc/nivo/pull/2521](https://togithub.com/plouc/nivo/pull/2521)
- Touch crosshair for line graphs by
[@&#8203;WilliamABradley](https://togithub.com/WilliamABradley) in
[https://github.com/plouc/nivo/pull/2524](https://togithub.com/plouc/nivo/pull/2524)
- fix(marimekko): use readonly arrays for props as the library does not
modify them by [@&#8203;pcorpet](https://togithub.com/pcorpet) in
[https://github.com/plouc/nivo/pull/2493](https://togithub.com/plouc/nivo/pull/2493)
- fix(line): use readonly arrays for props as the library does not
modify them by [@&#8203;pcorpet](https://togithub.com/pcorpet) in
[https://github.com/plouc/nivo/pull/2494](https://togithub.com/plouc/nivo/pull/2494)
- Fix (peer) dependencies by
[@&#8203;marvinruder](https://togithub.com/marvinruder) in
[https://github.com/plouc/nivo/pull/2528](https://togithub.com/plouc/nivo/pull/2528)

#### New Contributors

- [@&#8203;andre19980](https://togithub.com/andre19980) made their first
contribution in
[https://github.com/plouc/nivo/pull/2452](https://togithub.com/plouc/nivo/pull/2452)
- [@&#8203;stas-demydiuk](https://togithub.com/stas-demydiuk) made their
first contribution in
[https://github.com/plouc/nivo/pull/2509](https://togithub.com/plouc/nivo/pull/2509)
- [@&#8203;icco](https://togithub.com/icco) made their first
contribution in
[https://github.com/plouc/nivo/pull/2466](https://togithub.com/plouc/nivo/pull/2466)
- [@&#8203;scalabw](https://togithub.com/scalabw) made their first
contribution in
[https://github.com/plouc/nivo/pull/2504](https://togithub.com/plouc/nivo/pull/2504)
- [@&#8203;WilliamABradley](https://togithub.com/WilliamABradley) made
their first contribution in
[https://github.com/plouc/nivo/pull/2524](https://togithub.com/plouc/nivo/pull/2524)
- [@&#8203;marvinruder](https://togithub.com/marvinruder) made their
first contribution in
[https://github.com/plouc/nivo/pull/2528](https://togithub.com/plouc/nivo/pull/2528)

**Full Changelog**:
plouc/nivo@v0.84.0...v0.85.0

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "before 4am on the first day of the
month" (UTC), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR is behind base branch, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about these
updates again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/sebald/pattern-analyzer).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4yMzAuMCIsInVwZGF0ZWRJblZlciI6IjM3LjIzMC4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

8 participants