chore(deps): update dependency plotly.js to v2.25.2 [security] #4788
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![renovate[bot]](https://avatars.githubusercontent.com/in/2740?s=60&v=4){kind=small}
![renovate-approve[bot]](https://avatars.githubusercontent.com/in/7394?s=60&v=4){kind=small}
|
☁️ Nx Cloud ReportCI is running/has finished running commands for commit e0a00a8. As they complete they will appear below. Click to see the status, the terminal output, and the build insights. 📂 See all runs for this CI Pipeline Execution ✅ Successfully ran 8 targetsSent with 💌 from NxCloud. |
|
🎉 This PR is included in version 9.54.3 🎉 The release is available on GitHub release Your semantic-release bot 📦🚀 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
2.11.1->2.25.2GitHub Vulnerability Alerts
CVE-2023-46308
In Plotly plotly.js before 2.25.2, plot API calls have a risk of proto being polluted in expandObjectPaths or nestedProperty.
Release Notes
plotly/plotly.js (plotly.js)
v2.25.2Compare Source
Changed
hrlocale [#6690],with thanks to @Mkranj for the contribution!
Fixed
v2.25.1Compare Source
Fixed
v2.25.0Compare Source
Added
with thanks to @apparebit for the contribution!
newshape[#6653]Fixed
zmin,zmax,cminandcmax) [#6625],with thanks to @lvlte for the contribution!
with thanks to @baurt for the contribution!
v2.24.3Compare Source
Fixed
v2.24.2Compare Source
Fixed
hovertemplatenot showing delta on totals similar(https://togithub.com/plotly/plotly.js/issues/6635)y.js/issues/6635\))v2.24.1Compare Source
Fixed
(regression introduced in 2.24.0)(https://togithub.com/plotly/plotly.js/issues/6632)y.js/issues/6632\))
v2.24.0Compare Source
Added
with thanks to @thierryVergult for the contribution!
Fixed
have hoverinfo: "none" (regression introduced in 2.6.0)(https://togithub.com/plotly/plotly.js/issues/6614)y.js/issues/6614\)),
with thanks to @Domino987 for the contribution!
v2.23.2Compare Source
Fixed
with thanks to the Volkswagen Center of Excellence for Battery Systems for sponsoring development!
v2.23.1Compare Source
Fixed
zsmoothis set to false [#6605], with thanks to @lvlte for the contribution!v2.23.0Compare Source
Added
legend.xrefandlegend.yrefto enable container-referenced positioning of legends [#6589], with thanks to Gamma Technologies for sponsoring the related development.colorbar.xrefandcolorbar.yrefto enable container-referenced positioning of colorbars [#6593], with thanks to Gamma Technologies for sponsoring the related development.Changed
zsmoothis set to false [#6574], with thanks to @lvlte for the contribution!v2.22.0Compare Source
Added
legendreferences to traces andlegend2,legend3, etc. to layout,also add
visibleto legend i.e. to allow positioning multiple legends on a graph [#6535],this feature was anonymously sponsored: thank you to our sponsor!
Changed
nolocale [#5410],with thanks to @bjornol for the contribution!
sklocale [#6580], with thanks to @Libco for the contribution!Fixed
plotly_clickin gl3d scenes to fire on touch devices [#6563],with thanks to @NickTominaga for the contribution!
marker.opacityis set to zero [#6581], with thanks to @dmyronuk for the contribution!v2.21.0Compare Source
Added
texttemplateto shape.label for parametric shapes i.e. line, rect and circle [#6527],with thanks to the Volkswagen Center of Excellence for Battery Systems for sponsoring development!
with thanks to @CallumNZ for the contribution!
Fixed
with thanks to @bmaranville for the contribution!
zsmoothis set to "fast" [#6565],with thanks to @lvlte for the contribution!
v2.20.0Compare Source
Added
title.automarginto enable automatic top and bottom margining for both container and paper referenced titles [#6428],with thanks to Gamma Technologies for sponsoring the related development.
v2.19.1Compare Source
Fixed
with thanks to @jay-bis for the contribution!
v2.19.0Compare Source
Added
labelattribute to shapes [#6454],with thanks to the Volkswagen Center of Excellence for Battery Systems for sponsoring development!
labelaliasto various axes namely cartesian, gl3d, polar, smith, ternary, carpet,indicator and colorbar [#6481],
this feature was anonymously sponsored: thank you to our sponsor!
Changed
is-mobiledependency [#6517]Fixed
hovermode: 'x'|'y'[#6442],with thanks to @dagroe for the contribution!
v2.18.2Compare Source
Fixed
with thanks to @Gagaro for the contribution!
with thanks to @andresrcs for the contribution!
v2.18.1Compare Source
Changed
d3-interpolateandd3-colorto v3 to address audit warnings [#6463]Fixed
vector-effectCSS to static plots [#6445]v2.18.0Compare Source
Added
synctickmode option [#6356, #6443],with thanks to @filipesantiagoAM and @VictorBezak for the contribution!
Changed
is-mobile[#6432]Fixed
requirejsAMD loader (regression introduced in 2.17.0) [#6440]v2.17.1Compare Source
Fixed
v2.17.0Compare Source
Added
shiftandautoshiftto cartesian y axes to help avoid overlapping of multiple axes [#6334],with thanks to Gamma Technologies for sponsoring the related development!
scattertrace i.e.alignmentgroup,offsetgroup,scattermodeandscattergap[#6381],this feature was anonymously sponsored: thank you to our sponsor!
marker.cornerradiusattribute totreemaptrace [#6351]Changed
Fixed
backoffwhen marker symbols and sizes are arrays [#6414]v2.16.5Compare Source
Fixed
staticPlotis set to true [#6393]v2.16.4Compare Source
Fixed
scattermapboxredraw (regression introduced in 2.16.0) [#6387]v2.16.3Compare Source
Fixed
with thanks to @filipesantiagoAM for the contribution!
v2.16.2Compare Source
Fixed
v2.16.1Compare Source
Fixed
choroplethmapboxselection when adding new traces on top [#6345]v2.16.0Compare Source
Added
scattermapbox[#5827],with thanks to @elben10 for the contribution!
v2.15.1Compare Source
Fixed
v2.15.0Compare Source
Added
angle,anglerefandstandofftomarkerand addbackofftoline; also introduce new arrow symbols to facilitate drawing networks [#6297]minreducedwidthandminreducedheightto layout for increasing control over automargin [#6307]entrywidthandentrywidthmodeto legend [#6202, #6324]Changed
angleforrotationinpie[#6304]Fixed
touch eventafter switching back from select mode [#6281],with thanks to @mmtmr for the contribution!
treemap,icicle,sunburst,pie,funnelarea,parcats,parcoordsandsankeytraces whenstaticPlotis set to true [#6296]v2.14.0Compare Source
Added
with thanks to @Andy2003 for the contribution!
editSelectionoption to config [#6285]Changed
nllocale to confirm with expected nl format [#6261],with thanks to @eirvandelden for the contribution!
v2.13.3Compare Source
Fixed
v2.13.2Compare Source
Fixed
sankeyselect error (regression introduced in 2.13.0) [#6265]sankeytraces to fix select error [#6267]dragmodes when an existing selection is modified [#6262]v2.13.1Compare Source
Fixed
selectionsto undefined eventData (regression introduced in 2.13.0) [#6260]v2.13.0Compare Source
Added
selections,newselectionandactiveselectionlayout attributes to havepersistent and editable selections over cartesian subplots [#6243]
unselected.line.colorandunselected.line.opacityoptions toparcoordstrace [#6216, #6236]violintracevia
quartilemethodattribute [#6187]to control the direction of
automarginon cartesian axes [#6193]delta.prefixanddelta.suffixtoindicatortrace [#6246],with thanks to @paulovieira for the contribution!
zh-tw) [#6247],with thanks to @sec2 for the contribution!
si) [#6238],with thanks to @sujithranga for the contribution!
Changed
Fixed
box&violintraces [#6189]xrefdescription ofshapes[#6194]v2.12.1Compare Source
Fixed
dragmodeis set to false [#6147],with thanks to @jonfunkhouser for the contribution!
v2.12.0Compare Source
Added
griddashaxis property to cartesian, polar, smith, ternary and geo subplots and addgriddashandminorgriddashtocarpettrace [6144], with thanks to @njwhite for the contribution!minorticks and grid lines on cartesian axis types includingminor.tickmode,minor.tickvals,minor.tickcolor,minor.ticklen,minor.tickwidth,minor.dtick,minor.tick0,minor.nticks,minor.ticks,minor.showgrid,minor.gridcolor,minor.griddashandminor.gridwidth[6166]Changed
with thanks to @junov for the contribution!
Fixed
Configuration
📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Enabled.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.