Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Snyk] Upgrade plotly.js-cartesian-dist-min from 2.12.1 to 2.35.2 #785

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

FlorentinTh
Copy link
Owner

snyk-top-banner

Snyk has created this PR to upgrade plotly.js-cartesian-dist-min from 2.12.1 to 2.35.2.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.


  • The recommended version is 51 versions ahead of your current version.

  • The recommended version was released on a month ago.

Issues fixed by the recommended upgrade:

Issue Score Exploit Maturity
high severity Improper Input Validation
SNYK-JS-FOLLOWREDIRECTS-6141137
686 Proof of Concept
medium severity Information Exposure
SNYK-JS-FOLLOWREDIRECTS-6444610
686 Proof of Concept
Release notes
Package name: plotly.js-cartesian-dist-min
  • 2.35.2 - 2024-09-10

    Fixed

    • Fix require path to maplibre-gl.css (regression introduced in 2.35.1) [#7146],
      with thanks to @ birkskyum for the contribution!
  • 2.35.1 - 2024-09-09

    Fixed

    • Fix rendering traces with zorder on overlayed subplots case of multiple traces in each subplot [#7141]
    • Fix missing CSS for map(maplibre) subplots when used offline [#7140],
      with thanks to @ birkskyum for the contribution!
  • 2.35.0 - 2024-08-29

    Added

    Changed

    • Deprecate mapbox traces and mapbox subplot [#7087]
    • Drop obsolete npm v6 installation [#7095]
    • Use Node.js v18 and npm v10 in development [#7078]
    • Update npm lockfile to v3 [#7099]
    • Update turf to v7 [#7116]

    Fixed

    • Fix centroid calculation in turf [#7115],
      with thanks to @ birkskyum for the contribution!
    • Fix missing cursor for Ternary Plot[#7057],
      with thanks to @ Lexachoc for the contribution!
    • Elaborate on the Custom Bundle guide [#7101]
  • 2.34.0 - 2024-07-18

    Added

    • Add subtitle attribute to layout.title to enable adding subtitles to plots [#7012]
    • Introduce "u" and "s" pseudo html tags to add partial underline and strike-through styles to SVG text elements [#7043]
    • Add geometric mean functionality and 'geometric mean ascending' + 'geometric mean descending' to category_order on cartesian axes [#6223],
      with thanks to @ acxz and @ prabhathc for the contribution!
    • Add axis property ticklabelindex for drawing the label for each minor tick n positions away from a major tick,
      with thanks to @ my-tien for the contribution! [#7036]
    • Add property ticklabelstandoff and ticklabelshift to cartesian axes to adjust positioning of tick labels,
      with thanks to @ my-tien for the contribution! [#7006]
    • Add x0shift, x1shift, y0shift, y1shift to shapes to add control over positioning of shape vertices on (multi-)category axes,
      with thanks to @ my-tien for the contribution! [#7005]

    Fixed

    • Fix displaying scattergl traces while zooming or panning (regression introduced in 2.26.0) [#7018],
      with thanks to @ eiriklv for the contribution!
    • Fix for excessive hoverlabel removal and overlap for plots with both scatter and bar traces [#6954],
      with thanks to @ mbant for the contribution!
    • Fix adding cartesian "togglehover" when included in modebar.add [#5879],
      with thanks to @ Sizurka for the contribution!
    • Handle zorder between overlaying cartesian subplots [#7032],
      This feature was anonymously sponsored: thank you to our sponsor!
  • 2.33.0 - 2024-05-29

    Added

    • Add support for numeric text font weight [#6990]
    • Add shadow, lineposition and textcase options to SVG fonts [#6983]

    Fixed

    • Fix unicode variable names in @ plotly/d3 [#6992],
      with thanks to @ GeorchW for the contribution!
    • Fix getFullTransformMatrix in shadow DOM [#6996],
      with thanks to @ OpportunityLiu for the contribution!
    • Fix drag on legend scrollbar while edits.legendPosition is true [#6997],
      with thanks to @ OpportunityLiu for the contribution!
    • Fix numerical instability in 3D plots [6998],
      with thanks to @ hborchardt for the contribution!
    • Fix numerical precision of drawing surface trace [6999],
      with thanks to @ hborchardt for the contribution!
    • Fix isosurface maximum value calculation when isomax is set to null [#7002]
  • 2.32.0 - 2024-04-23

    Added

    • Add "bold" weight, "italic" style and "small-caps" variant options to fonts [#6956]

    Fixed

    • Fix applying autotickangles on axes with showdividers as well as cases
      where tickson is set to "boundaries" [#6967],
      with thanks to @ my-tien for the contribution!
    • Fix positioning of multi-line axis titles with standoff [#6970],
      with thanks to @ my-tien for the contribution!
  • 2.31.1 - 2024-04-15

    Fixed

    • Maintain original drawing order of traces when traces with similar type are sent to back [#6962]
    • Ensure winning points of hover are listed first when hoversubplots is set to "axis" and sorting by distance [#6963]
    • Fix duplicated points in splom hover when hoversubplots is set to "axis" [#6965]
  • 2.31.0 - 2024-04-10

    Added

    • Add zorder attribute to various cartesian traces for controlling stacking order of SVG traces drawn
      into a subplot [#6918, #6953]. This feature was anonymously sponsored: thank you to our sponsor!
    • Add "between" option to shape layer for placing them above grid lines and below traces [#6927],
      with thanks to @ my-tien for the contribution!
    • Add "raw" sizemode to cone trace [#6938]
    • Add layout.hoversubplots to enable (x|y) and unified hover effects across multiple cartesian suplots
      sharing one axis [#6947, #6950]

    Changed

    • Regenerate stackgl_modules/index.js using updated dependencies [#6937]

    Fixed

    • Fix hover count in parcats trace [#6944], with thanks to @ weiweikee for the contribution!
  • 2.30.1 - 2024-03-15

    Fixed

    • Fix centering multi-line headers for treemap traces [#6923]
    • Fix heatmap text color and texttemplate on cells with missing data [#6924]
    • Fix scattergl rendering when colors include capital letters [#6928],
      with thanks to @ 28raining and @ dy for the contribution!
  • 2.30.0 - 2024-03-06

    Added

    • Add fill gradients for scatter traces [#6905],
      with thanks to @ lumip for the contribution!
    • Add indentation to legend [#6874],
      with thanks to @ my-tien for the contribution!

    Fixed

    • Fix tooltip pointer position [#6901],
      with thanks to @ OBe95 for the contribution!
    • Fix standoff position [#6889, #6914],
      with thanks to @ ayjayt for the contribution!
    • Fix resizing pie and funnelarea traces when textinfo is set to "none" [#6893],
      with thanks to @ robbtraister for the contribution!
    • Fix insiderange on category axes [#6910]
    • Fix display of "boundaries" tickson when tickmode is set to "array" [#6912]
  • 2.29.1 - 2024-02-12
  • 2.29.0 - 2024-02-02
  • 2.28.0 - 2024-01-05
  • 2.27.1 - 2023-11-08
  • 2.27.0 - 2023-10-20
  • 2.26.2 - 2023-10-04
  • 2.26.1 - 2023-09-22
  • 2.26.0 - 2023-08-24
  • 2.25.2 - 2023-08-11
  • 2.25.1 - 2023-08-02
  • 2.25.0 - 2023-07-25
  • 2.24.3 - 2023-07-05
  • 2.24.2 - 2023-06-09
  • 2.24.1 - 2023-06-07
  • 2.24.0 - 2023-06-06
  • 2.23.2 - 2023-05-19
  • 2.23.1 - 2023-05-17
  • 2.23.0 - 2023-05-12
  • 2.22.0 - 2023-04-27
  • 2.21.0 - 2023-04-17
  • 2.20.0 - 2023-03-15
  • 2.19.1 - 2023-03-14
  • 2.19.0 - 2023-03-13
  • 2.18.2 - 2023-02-15
  • 2.18.1 - 2023-02-02
  • 2.18.0 - 2023-01-19
  • 2.17.1 - 2023-01-09
  • 2.17.0 - 2022-12-23
  • 2.16.5 - 2022-12-13
  • 2.16.4 - 2022-12-07
  • 2.16.3 - 2022-11-16
  • 2.16.2 - 2022-11-12
  • 2.16.1 - 2022-10-21
  • 2.16.0 - 2022-10-14
  • 2.15.1 - 2022-10-11
  • 2.15.0 - 2022-10-07
  • 2.14.0 - 2022-08-10
  • 2.13.3 - 2022-07-25
  • 2.13.2 - 2022-07-21
  • 2.13.1 - 2022-07-14
  • 2.13.0 - 2022-07-14
  • 2.12.1 - 2022-05-09
from plotly.js-cartesian-dist-min GitHub release notes

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • This PR was automatically created by Snyk using the credentials of a real user.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

Snyk has created this PR to upgrade plotly.js-cartesian-dist-min from 2.12.1 to 2.35.2.

See this package in npm:
plotly.js-cartesian-dist-min

See this project in Snyk:
https://app.snyk.io/org/florentinth/project/c53000cf-7883-4d87-9061-9798d8927338?utm_source=github&utm_medium=referral&page=upgrade-pr
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants