[Snyk] Fix for 22 vulnerabilities

[laxmanraparthi]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • superset-frontend/package.json
  • superset-frontend/package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	619/1000 Why? Has a fix available, CVSS 8.1	Prototype Pollution SNYK-JS-AJV-584908	No	No Known Exploit
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	Yes	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-ASYNCVALIDATOR-2311201	No	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-D3COLOR-1076592	Yes	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-GLOBPARENT-1016905	Yes	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-HTTPCACHESEMANTICS-3248783	No	Proof of Concept
	631/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.2	Missing Release of Resource after Effective Lifetime SNYK-JS-INFLIGHT-6095116	Yes	Proof of Concept
	751/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.6	Server-side Request Forgery (SSRF) SNYK-JS-IP-6240864	No	Proof of Concept
	479/1000 Why? Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3042992	No	No Known Exploit
	589/1000 Why? Has a fix available, CVSS 7.5	Prototype Pollution SNYK-JS-LOADERUTILS-3043105	No	No Known Exploit
	479/1000 Why? Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3105943	No	No Known Exploit
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-NTHCHECK-1586032	Yes	Proof of Concept
	479/1000 Why? Has a fix available, CVSS 5.3	Improper Input Validation SNYK-JS-POSTCSS-5926692	Yes	No Known Exploit
	490/1000 Why? Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-RAMDA-1582370	Yes	No Known Exploit
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	Yes	Proof of Concept
	626/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.1	Cross-site Scripting (XSS) SNYK-JS-SERIALIZEJAVASCRIPT-6147607	Yes	Proof of Concept
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-TRIM-1017038	No	Proof of Concept
	589/1000 Why? Has a fix available, CVSS 7.5	Prototype Pollution SNYK-JS-UNSETVALUE-2400660	Yes	No Known Exploit
	811/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 9.8	Remote Code Execution (RCE) SNYK-JS-VM2-5772823	No	Proof of Concept
	811/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 9.8	Remote Code Execution (RCE) SNYK-JS-VM2-5772825	No	Proof of Concept
	736/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.3	Sandbox Bypass SNYK-JS-WEBPACK-3358798	No	Proof of Concept
	506/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 3.7	Regular Expression Denial of Service (ReDoS) npm:debug:20170905	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: @storybook/addon-docs

The new version differs by 250 commits.

• 49f18e8 Bump version from "8.0.0-rc.5" to "8.0.0" [skip ci]
• 6c30c31 Trigger release of 8.0.0 with empty commit
• 8c7c296 Write changelog [skip ci]
• 82e153f Merge pull request Can't save a dataset from SQL Lab if it contains a CTE named "data" apache/superset#26358 from storybookjs/framework-doc-svelte-vite
• fffbbc9 Add `svelte-vite` framework doc
• 298d60c Merge pull request Subscribe to session timeout apache/superset#26265 from storybookjs/framework-doc-react-webpack5
• f9646dd Address comments
• d392a90 Add `react-webpack5` framework doc
• 3004edf Merge pull request fix: Stacked charts with numerical columns apache/superset#26264 from storybookjs/framework-doc-react-vite
• 3586fc9 Address comments
• 116fd4a Add react-vite framework doc
• 9050c69 Bump version from "8.0.0-rc.4" to "8.0.0-rc.5" [skip ci]
• 1e33053 Merge pull request fix(embedded): Hide dashboard fullscreen option for embedded context apache/superset#26412 from storybookjs/version-non-patch-from-8.0.0-rc.4
• cdfd820 Write changelog for 8.0.0-rc.5 [skip ci]
• eac3a3b Merge pull request fix(dashboard): Chart menu disable is fixed on chart-fullscreen in issue #25992 apache/superset#26410 from storybookjs/norbert/fix-automigration-latest-detection
• d978771 add a flag for detecting is the latest version we got from npm matches the version of the CLI exactly
• bfa0570 Bump version from "8.0.0-rc.3" to "8.0.0-rc.4" [skip ci]
• 46bc788 Merge pull request docs: Install a supported webdriver in the Celery worker on Kubernetes deployment apache/superset#26370 from storybookjs/version-non-patch-from-8.0.0-rc.3
• a6e4d90 Write changelog for 8.0.0-rc.4 [skip ci]
• 37276b2 Merge pull request In 3.1.0rc3, color rendering of charts displayed in dashboard view is different than color rendering in chart view --regression from 2.1.0 apache/superset#26321 from storybookjs/docs_snapshot_testing
• c1fc191 Merge branch 'next' into docs_snapshot_testing
• 4f6f044 Merge pull request fix(sqllab): Bump duckdb-engine version to 0.9.5 apache/superset#26405 from storybookjs/norbert/fix-esbuild-version
• 9c2d525 fix the esbuild compatibility versions ranges
• 973fa2d Merge pull request fix(embed): an error occurred while rendering the visualization: error: Item with key ... is not registered. apache/superset#26398 from storybookjs/docs_fix_tables

See the full diff

Package name: @storybook/addon-essentials

The new version differs by 250 commits.

• 49f18e8 Bump version from "8.0.0-rc.5" to "8.0.0" [skip ci]
• 6c30c31 Trigger release of 8.0.0 with empty commit
• 8c7c296 Write changelog [skip ci]
• 82e153f Merge pull request Can't save a dataset from SQL Lab if it contains a CTE named "data" apache/superset#26358 from storybookjs/framework-doc-svelte-vite
• fffbbc9 Add `svelte-vite` framework doc
• 298d60c Merge pull request Subscribe to session timeout apache/superset#26265 from storybookjs/framework-doc-react-webpack5
• f9646dd Address comments
• d392a90 Add `react-webpack5` framework doc
• 3004edf Merge pull request fix: Stacked charts with numerical columns apache/superset#26264 from storybookjs/framework-doc-react-vite
• 3586fc9 Address comments
• 116fd4a Add react-vite framework doc
• 9050c69 Bump version from "8.0.0-rc.4" to "8.0.0-rc.5" [skip ci]
• 1e33053 Merge pull request fix(embedded): Hide dashboard fullscreen option for embedded context apache/superset#26412 from storybookjs/version-non-patch-from-8.0.0-rc.4
• cdfd820 Write changelog for 8.0.0-rc.5 [skip ci]
• eac3a3b Merge pull request fix(dashboard): Chart menu disable is fixed on chart-fullscreen in issue #25992 apache/superset#26410 from storybookjs/norbert/fix-automigration-latest-detection
• d978771 add a flag for detecting is the latest version we got from npm matches the version of the CLI exactly
• bfa0570 Bump version from "8.0.0-rc.3" to "8.0.0-rc.4" [skip ci]
• 46bc788 Merge pull request docs: Install a supported webdriver in the Celery worker on Kubernetes deployment apache/superset#26370 from storybookjs/version-non-patch-from-8.0.0-rc.3
• a6e4d90 Write changelog for 8.0.0-rc.4 [skip ci]
• 37276b2 Merge pull request In 3.1.0rc3, color rendering of charts displayed in dashboard view is different than color rendering in chart view --regression from 2.1.0 apache/superset#26321 from storybookjs/docs_snapshot_testing
• c1fc191 Merge branch 'next' into docs_snapshot_testing
• 4f6f044 Merge pull request fix(sqllab): Bump duckdb-engine version to 0.9.5 apache/superset#26405 from storybookjs/norbert/fix-esbuild-version
• 9c2d525 fix the esbuild compatibility versions ranges
• 973fa2d Merge pull request fix(embed): an error occurred while rendering the visualization: error: Item with key ... is not registered. apache/superset#26398 from storybookjs/docs_fix_tables

See the full diff

Package name: @storybook/builder-webpack5

The new version differs by 250 commits.

• 4f2afa6 v7.0.0
• 03292b0 Update root, peer deps, version.ts/json to 7.0.0 [ci skip]
• b2dc5cf Revert "Update root, peer deps, version.ts/json to 7.0.0 [ci skip]"
• 7f391a3 Update root, peer deps, version.ts/json to 7.0.0 [ci skip]
• f0b53cb 7.0.0 changelog
• 930917d Merge pull request Additions/suggestions to improve the Superset DB query table apache/superset#21856 from storybookjs/docs/interactions-addon-migration
• f1c13da 7.0.0-rc.11 next.json version file [skip ci]
• 512a2ae Update git head to 7.0.0-rc.11, update yarn.lock [ci skip]
• 908c324 v7.0.0-rc.11
• 5edc7c0 Update root, peer deps, version.ts/json to 7.0.0-rc.11 [ci skip]
• 324d9bb 7.0.0-rc.11 changelog
• 37d9737 interactions debugger is now default
• 9682f7c Merge pull request #21833 from storybookjs/kasper/fix-strict-args-decorator-with-interface
• a08ffc7 Put @ storybook/csf version back into next
• 2cc1d36 Merge pull request feat(db_engine_specs): Allow uploaded columns of dtype datetime to be stored as TIMESTAMP in the Hive schema apache/superset#21850 from storybookjs/fix/tone-down-dependency-alerts
• 941103b Merge pull request when i run command with npm run build, it tell me react not support css property apache/superset#21851 from storybookjs/valentin/export-application-config-decorator
• 31700c0 Export applicationConfig decorator and adjust documentation for usage
• 3d9544f Merge pull request chore(deps-dev): bump @typescript-eslint/parser from 4.19.0 to 5.40.1 in /superset-websocket apache/superset#21846 from storybookjs/chore_docs_webpack_tweaks
• 79b590b Tweaks to the Webpack docs
• d193be5 Merge pull request refactor: return initial exception and check if it's user error apache/superset#21836 from storybookjs/fix/downgrade-remark-deps
• 79b1fde Merge pull request fix(sqllab): Fix spacing on Schedule option in SqlEditor dropdown apache/superset#21832 from storybookjs/fix/polyfill-global
• 590f053 downgrade remark related dependencies
• b421d95 only provide critical duplicated dependency warning on major version difference
• acace30 Merge pull request fix(report): Capture unexpected errors in report screenshots. Fixes #21653 apache/superset#21724 from jungpaeng/docs/fix-controls

See the full diff

Package name: @storybook/react

The new version differs by 250 commits.

• 4f2afa6 v7.0.0
• 03292b0 Update root, peer deps, version.ts/json to 7.0.0 [ci skip]
• b2dc5cf Revert "Update root, peer deps, version.ts/json to 7.0.0 [ci skip]"
• 7f391a3 Update root, peer deps, version.ts/json to 7.0.0 [ci skip]
• f0b53cb 7.0.0 changelog
• 930917d Merge pull request Additions/suggestions to improve the Superset DB query table apache/superset#21856 from storybookjs/docs/interactions-addon-migration
• f1c13da 7.0.0-rc.11 next.json version file [skip ci]
• 512a2ae Update git head to 7.0.0-rc.11, update yarn.lock [ci skip]
• 908c324 v7.0.0-rc.11
• 5edc7c0 Update root, peer deps, version.ts/json to 7.0.0-rc.11 [ci skip]
• 324d9bb 7.0.0-rc.11 changelog
• 37d9737 interactions debugger is now default
• 9682f7c Merge pull request #21833 from storybookjs/kasper/fix-strict-args-decorator-with-interface
• a08ffc7 Put @ storybook/csf version back into next
• 2cc1d36 Merge pull request feat(db_engine_specs): Allow uploaded columns of dtype datetime to be stored as TIMESTAMP in the Hive schema apache/superset#21850 from storybookjs/fix/tone-down-dependency-alerts
• 941103b Merge pull request when i run command with npm run build, it tell me react not support css property apache/superset#21851 from storybookjs/valentin/export-application-config-decorator
• 31700c0 Export applicationConfig decorator and adjust documentation for usage
• 3d9544f Merge pull request chore(deps-dev): bump @typescript-eslint/parser from 4.19.0 to 5.40.1 in /superset-websocket apache/superset#21846 from storybookjs/chore_docs_webpack_tweaks
• 79b590b Tweaks to the Webpack docs
• d193be5 Merge pull request refactor: return initial exception and check if it's user error apache/superset#21836 from storybookjs/fix/downgrade-remark-deps
• 79b1fde Merge pull request fix(sqllab): Fix spacing on Schedule option in SqlEditor dropdown apache/superset#21832 from storybookjs/fix/polyfill-global
• 590f053 downgrade remark related dependencies
• b421d95 only provide critical duplicated dependency warning on major version difference
• acace30 Merge pull request fix(report): Capture unexpected errors in report screenshots. Fixes #21653 apache/superset#21724 from jungpaeng/docs/fix-controls

See the full diff

Package name: @svgr/webpack

The new version differs by 74 commits.

• af9a6cb v6.0.0
• e9469c3 Merge pull request Improvements to NVD3 charts (axis labels & min bar width) apache/superset#629 from gregberge/rewriting-docs
• eb3282b docs: rewriting
• 6f832f0 Merge pull request Pinning all dependencies to specific versions apache/superset#627 from gregberge/support-css-variables
• cbdb47f fix: support CSS variables
• 985444d chore: fix package-lock.json
• a5effba v6.0.0-alpha.4
• 3f071d6 Merge pull request Prevent the cannot-overwrite error message from being removed apache/superset#626 from gregberge/upgrade-deps
• daf6a08 chore(deps): upgrade
• 1c5f163 Merge pull request Redirect to druid datasource page when the user wants to add slice. Also, provide a link to the table page apache/superset#625 from gregberge/icon-size
• 483560d chore: fix package-lock.json
• 3c0b779 feat: allow to specify icon size
• 6ba16a3 Merge pull request Check ownership before a slice is deleted apache/superset#624 from gregberge/various-things
• f61c8ba chore: fix ref following refactoring
• 261e1b5 v6.0.0-alpha.3
• fe5c117 Merge pull request API for getting image apache/superset#623 from gregberge/webpack
• 9a4cbce docs(examples): update examples
• 1a8cc98 fix(webpack): fix webpack 5 behaviour with url-loader
• a857bb1 feat: support mask-type property (Update sql.js to fix a invalid error msg apache/superset#621)
• 5966714 fix(template): make it possible to use type in template (is it possible to have configurable intervals for fetching druid's segmentMetadata apache/superset#619)
• 9ea5da4 refactor(core): use exportName transform (make it possible to translate grains apache/superset#616)
• 8a1b0aa docs(readme): Fixing CRA link (minor correction on the right npm path apache/superset#618)
• 00a1d4b chore: fix package-lock.json
• f729efa v6.0.0-alpha.2

See the full diff

Package name: antd

The new version differs by 250 commits.

• 870b72a docs: 4.17.0 changelog (#32859)
• 3a5b6b8 chore(deps-dev): bump stylelint-config-standard from 23.0.0 to 24.0.0 (#32866)
• 7e2dc80 chore(.gitignore):add ignore for pnpm (#32860)
• 491cc4f fix: borderLeftRadius error for Input.Search #32808 (#32812)
• 958df3d docs: add demo for Input.Group (#32837)
• ce006bd docs: Version Robin (#32830)
• 3f495bb chore: Upgrade react router v6 (#32821)
• 43569b9 docs: update customize-theme-variable.zh-CN.md
• 7ed7c60 style: fix Tree icon align bug (#32822)
• 01887b4 fix: if breadcrumbRender return false, breadcrumb will hidden (#32738)
• 5f642cb fix: tag animation demo (#32804)
• 852a451 chore(Tag): update tween-one (#32800)
• 90aff3a docs: fix Spin API ts description (#32786)
• 8a3b5d9 fix: Form horizontal broken style when select item is too long (#32778)
• a73f4a3 docs: Fix the link in Table's API doc (#32779)
• ecc54dd fix: codepen demo error using hooks (#32766)
• cf15379 docs: add 4.17.0-alpha.10 changelog (#32775)
• f7380b7 chore(deps-dev): bump eslint-plugin-unicorn from 37.0.1 to 38.0.0 (#32765)
• b1ea2e4 fix: opening animation of the bottom drawer (#32761)
• 10a8578 fix: Spin tip can be react node (#32733)
• fa65cd3 chore(deps-dev): bump @ types/gtag.js from 0.0.7 to 0.0.8 (#32746)
• f88bd4d refactor: Move part mixins less to theme instead (#32763)
• 5360722 chore: update form demo
• ea52572 chore(💄): fix issue template

See the full diff

Package name: babel-jest

The new version differs by 250 commits.

• be16e47 v27.0.0
• 63102ec chore: update changelog for release
• 564694a docs(blog): Jest 27 blog post (test: removed unicode_test example from unit tests apache/superset#11131)
• b68d91b feat(pretty-print): add option `printBasicPrototype` (SQL init sentences per session as part of the Sources->Databases configuration apache/superset#11441)
• 2226742 chore: minor simplify format results error (feat: annotation layers CRUD list view apache/superset#11432)
• 78eb25d chore: remove needless assign (build: disable pr reviews for pr-lint action apache/superset#11433)
• 696c455 chore: update lockfile after publish
• e2eb9ae v27.0.0-next.11
• 3b253f8 Wait for closed resources to actually close before detecting open handles (fix: is_temporal should be overridden by is_dttm value apache/superset#11429)
• 27bee72 fix: run GC before collecting open handles (fix: add schema name to datasource field in chart list apache/superset#11278)
• 50451df feat: use fallback if prettier not found (fix: long labels now truncate with ellipsis apache/superset#11400)
• 150dbd8 chore: update lockfile after publish
• 6f44529 v27.0.0-next.10
• cbcec7d Upgrade fsevents in jest-haste-map (fix: Explore popovers issues apache/superset#11428)
• 9633a26 feat: support reporters written in ESM (fix: moved inline inputs styles to component's less file apache/superset#11427)
• 59f42d8 fix: do not cache modules that throw during evaluation (More owners toggle in CRUD view renders with extra ellipsis apache/superset#11263)
• 57e32e9 Detect open handles with done callbacks (fix: better error messages for dashboard properties modal apache/superset#11382)
• a397607 Document and test dontThrow for custom inline snapshot matchers (docs: fix 'npm run build' + run 'npm audit fix' apache/superset#10995)
• 4fa3a0b feat: custom haste (fix: Disabling timezone of dataframe before passing Prophet apache/superset#11107)
• 2047a36 chore: bump deps (Apply button gets pushed out of filter box when the filter box is small with too many filter values selected  apache/superset#11419)
• a4358d6 chore: run prettier on changelog
• bdd6282 Move all default values into `jest-config` (feat: Excel file export apache/superset#9924)
• db643a1 Link to Jest config (Issue while using Forecasting  apache/superset#11106)
• b16082c Fix locale issue fix: bump pydruid to 0.6.0 apache/superset#10014 (fix: multiple issues with FilterPopover apache/superset#11412)

See the full diff

Package name: broadcast-channel

The new version differs by 250 commits.

• 3e10398 5.3.0
• 4cf31bf Update CHANGELOG.md
• b8cc6b3 Enables rimraf renovate PR to 5.x by replacing rimraf with native fs rm (60 % unit test coverage for the SQL Lab react app apache/superset#1243)
• 3205ef2 chore(deps): update dependency testcafe to v3.2.0
• 6192cad chore(deps): update actions/setup-node action to v3.8.1
• aac43a4 chore(deps): update dependency testcafe to v3 (do not overwrite the stored password with the masked password apache/superset#1209)
• 90ba053 chore(deps): update dependency eslint to v8.47.0
• ba28d30 5.2.0
• e97075c chore(deps): update dependency ubuntu to v22 (Provide pivot table with date column apache/superset#1239)
• 5970677 fix(): add a default export (Provide ability to import / export the datasource metadata  apache/superset#1237)
• 8d16461 chore(deps): update dependency rollup to v3.28.0
• b1b542d chore(deps): update babel monorepo to v7.22.10
• 9388240 chore(deps): update dependency rollup to v3.27.2
• 26fa893 chore(deps): update dependency rollup to v3.27.1
• ac29b7d chore(deps): update dependency eslint to v8.46.0
• cca05c7 chore(deps): update dependency jest to v29.6.2
• e75751b chore(deps): update dependency rollup to v3.27.0
• 90abffc chore(deps): update dependency webpack to v5.88.2
• 0e150c4 chore(deps): update dependency rollup to v3.26.3
• 163ea53 chore(deps): update dependency eslint to v8.45.0
• 97e280e chore(deps): update babel monorepo to v7.22.9
• 35473de chore(deps): update dependency rollup to v3.26.2
• 3ed57b5 chore(deps): update dependency jest to v29.6.1
• f004082 chore(deps): update babel monorepo

See the full diff

Package name: d3-color

The new version differs by 21 commits.

• 7a1573e 3.1.0
• 75c19c4 update LICENSE
• ef94e01 update dependencies
• 5e9f757 method shorthand
• e4bc34e formatHex8 ([Snyk] Fix for 12 vulnerabilities #103)
• ac660c6 {rgb,hsl}.clamp() ([Snyk] Security upgrade axios from 0.25.0 to 1.6.3 #102)
• 70e3a04 clamp HSL format ([Snyk] Fix for 12 vulnerabilities #101)
• 994d8fd avoid backtracking ([Snyk] Security upgrade jest from 26.6.3 to 27.0.0 #100)
• 7d61bbe 3.0.1
• 93bc4ff related Generate copyright from LICENSE. d3/d3#3502; extract copyrights from LICENSE
• 611e1c3 3.0.0
• 4c2be7e Adopt type=module ([Snyk] Security upgrade pillow from 9.3.0 to 10.0.1 #90)
• 017a463 v2.0.0
• 7de7354 Merge pull request [Snyk] Fix for 1 vulnerabilities #75 from d3/two
• 0ecd740 v2.0.0-rc.1
• 0eb9594 Merge pull request [Snyk] Security upgrade @storybook/react from 6.5.16 to 7.0.0 #76 from d3/radians
• cc0a51b Merge pull request [Snyk] Fix for 1 vulnerabilities #77 from d3/document-extensions
• fd23843 document extensions
• d86e36b link to https://d3js.org/d3-color.v2.min.js
• c1b93f1 normalize "degrees" and "radians" for deg2rad conversions
• 693572b deliberate ES6 syntax

See the full diff

Package name: d3-scale

The new version differs by 91 commits.

• f7cb35b 4.0.0
• 120ad7a adopt InternMap for ordinal scales (Would be good to log tracebacks apache/superset#237)
• ac30873 Adopt type=module (CHORE - Remove Trailing Spaces apache/superset#246)
• 2b7db62 3.3.0
• f3cfd2c update dependencies
• 80ff9b2 adopt d3-time’s ticks
• 8afe6bd 3.2.4
• 60e10c4 update dependencies
• 116ac06 Treat null as undefined. (Spark SQL backend (to support Elasticsearch, Cassandra, etc) apache/superset#241)
• c7efc99 3.2.3
• 5d3e9c3 Update d3-array.
• 1ff6522 yarn
• 957482b Update tickFormat.js
• 42d546e scaleQuantile performance fixup
• 0a427eb time_copy is part of the API but was missing from the README
• 1dd3f5a Merge pull request Add 'Percent of previous' to sunburst vis. Appease npm warnings for data tables and d3.layout.cloud apache/superset#219 from d3/links-v6
• 8460207 v3.2.2
• 6169111 d3 dependencies
• 0a55cc8 Merge pull request fixing cache timeout setting apache/superset#210 from domoritz/fix-nice
• 5046251 links to d3@6 versions
• d0a2fe4 fix documentation: the diverging scale's default domain is [0, 0.5, 1]
• da99948 Use var
• 0932d15 Merge pull request Query Time Lookups for Dimensions in Druid apache/superset#211 from oluckyman/patch-1
• 2751067 Fix a typo

See the full diff

Package name: eslint-import-resolver-typescript

The new version differs by 13 commits.

• 6683854 chore(release): 3.0.0
• 67c8d59 feat!: remove depracated directory option
• 93339ca refactor: workaround for https://github.com/Reproduce baseUrl + .js extension with .ts source privatenumber/get-tsconfig#19
• 78a08e0 feat!: use get-tsconfig to replace tsconfig-paths
• 322cb29 feat!: bump globby, use synckit for sync fn
• 1e1b5a6 feat: ignore `node_modules` folder in `projects` option glob ([Snyk] Security upgrade pyarrow from 10.0.1 to 14.0.1 #105)
• b2edbc8 chore(deps)!: bump tsconfig-paths to ^4.0.0 ([Snyk] Fix for 12 vulnerabilities #104)
• 1bc9f42 chore(release): 2.7.1
• 664465f fix: per package.json warning ([Snyk] Fix for 12 vulnerabilities #101)
• 9ec18d7 chore(release): 2.7.0
• 1e39028 feat: support `.cjs` `.mjs` `.cts` `.mts` extensions ([Snyk] Fix for 6 vulnerabilities #84)
• 4487788 chore(release): 2.6.0
• 2e7b4f4 fix: upgrade (dev)Dependencies ([Snyk] Fix for 12 vulnerabilities #99)

See the full diff

Package name: fork-ts-checker-webpack-plugin

The new version differs by 32 commits.

• 6d7f64f fix: remove console.log in getInfrastructureLogger
• fc928f4 Release v7.0.0 (Adding an option to make separators in dashboard apache/superset#699)
• 954385e refactor: upgrade project dependencies (Tutorials apache/superset#698)
• c358dfb Merge pull request Adding new visualizations apache/superset#697 from TypeStrong/feature/merge-main-into-alpha
• 050cdae Merge branch 'main' of github.com:TypeStrong/fork-ts-checker-webpack-plugin into alpha
• 03abe7b docs: add plugin logo (Adding in Second and Minute time grains for MySQL apache/superset#696)
• 4b13fd3 feat: simplify logger options (Druid : Datasource Link throws sqlalchemy.exc.OperationalError apache/superset#695)
• 39ebae6 refactor: rename files to match convention (druid apache/superset#693)
• f7dfdcf feat: migrate from reporters to workers (Smarter redirect on slice creation apache/superset#691)
• 61f7cdf feat: implement write-dts mode (Flask-AppBuilder has upgraded to 1.8.0 apache/superset#679)
• b1c0d9a revert: "fix: support "setup" attribute in <script> tag in vue 3 (Showing only dashboards on welcome page apache/superset#676)" ("Add Slices" modal on dashboard page apache/superset#678)
• 40e4ecf fix: support "setup" attribute in <script> tag in vue 3 (Showing only dashboards on welcome page apache/superset#676)
• a0ad06f refactor: add eslint rules to enforce import order (Can you publish a new version to PyPI? apache/superset#671)
• 871bfe8 fix: require typescript@^3.8.0 for build: true mode (Reintroducing showControls as an option apache/superset#672)
• 551f2fb feat: add support for eslint 8 (A cleaner right side of the navbar with a Github link apache/superset#666)
• e9a4e8d revert: support "setup" attribute in <script> tag in vue 3 (Fixing the examples's dashboard positioning apache/superset#667)
• 2cfe45f fix: support "setup" attribute in <script> tag in vue 3 (Fixing the examples's dashboard positioning apache/superset#667)
• 34ebcd8 fix: add missing peer dependencies (Only owners can update their slice and dashboard objects apache/superset#507)
• 14c2d23 chore(deps): bump tmpl from 1.0.4 to 1.0.5 (Support IATA airport code to display cities on the world map? apache/superset#656)
• ad466df feat: port changes from main branch (Add impyla to recommended packages for Impala apache/superset#649)
• 82e8448 feat: remove support for TypeScript < 3.6.0 (Installing on fedora, vanilla environment , failing at cryptography  apache/superset#643)
• 6ffbbed chore: upgrade dev dependencies
• 59a1b29 feat: drop support for node 10
• 27a7c14 chore: remove unused dependencies

See the full diff

Package name: html-webpack-plugin

The new version differs by 13 commits.

• 873d75b chore(release): 5.5.0
• ddeb774 chore: update examples
• 1e42625 feat: Support type=module via scriptLoading option
• 7d3645b Bump pretty-error to 4.0.0 to fix transitive vuln for ansi-regex CVE-2021-3807
• 79be779 [chore] changes actions to run on pull_requests
• b7e5859 [chore] fixes CI to avoid race conditions
• 48131d3 chore(release): 5.4.0
• 16a841a [chore] rebuild examples
• 3bb7c17 Update index.js
• e38ac97 Update index.js
• f08bd02 [chore] updates fixtures
• d62a10f [chore] upgrades html-minifier-terser@5.0.0 -> 6.0.2
• 2f5de7a Remove archived plugin

See the full diff

Package name: jest

The new version differs by 250 commits.

• 75006e4 v29.0.0
• 7c82a9f chore: update jest-watch-typeahead again
• 352ff29 chore: update changelog for release
• 33ad8c3 docs: Jest 29 blog post (Dashboard / Charts not loading (first time after login, every login) in superset #supersetissues #superset apache/superset#13103)
• dda77e5 docs: collapse 28.0 and 28.1 docs (chore: update docs for new alerts and reporting feature apache/superset#13104)
• c0dc84c chore: update jest-watch-typeahead
• 05f6217 fix: support deep CJS re-exports when using ESM (fix legend sunburst  apache/superset#13170)
• 490fd88 chore: update yarn (Database error apache/superset#13169)
• 98936a2 docs: Update Enzyme links to use new URL (#13166)
• 187566a feat(pretty-format): allow to opt out from sorting object keys with `compareKeys: null` ([settings] List Users-> Filter changed by can be set with empty value apache/superset#12443)
• ae2bed7 chore: tweak regex used in e2e tests (fix: healthcheck for docker compose apache/superset#13129)
• 8c56d74 docs: Update Configuration.md for added special notes on usage scenarios for pnpm. (2 TIme Column Filter for Superset Apache apache/superset#13115)
• fb1c53d feat(jest-config)!: remove undocumented `collectCoverageOnlyFrom` option (fix(wip): Changes to support presto impersionation with ldap apache/superset#13156)
• 075b489 fix: ignore `EISDIR` when resolving symlinks (fix(alerts&reports): Alerts & Reports will use values from WEBDRIVER_WINDOW option apache/superset#13157)
• 3bef02e feat(@ jest/test-result, @ jest/types)!: replace `Bytes` and `Milliseconds` types with `number` ([explore] BigQuery DatabaseError surfaced as UnknownError with bad formatting  apache/superset#13155)
• 4def94b v29.0.0-alpha.6
• 0f00d4e fix: replace non-CLI `rimraf` usage (Issue in sql Editor on trying to run query or selecting table in SQL LAB apache/superset#13151)
• 6a90a2c fix: Allow updating inline snapshots when test includes JSX (fix: session error fixed related to thumbnails. apache/superset#12760)
• 983274a feat: Let `babel` find config when updating inline snapshots (feat(alerts): apply SQL limit to all alerts apache/superset#13150)
• d2ff18a chore: make prettierPath optional in `SnapshotState` (chore: change test environment to jsdom apache/superset#13149)