[Snyk] Fix for 2 vulnerabilities

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • client/package.json
  • client/package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	479/1000 Why? Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-D3COLOR-1076592	No	No Known Exploit
	479/1000 Why? Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-JSBEAUTIFY-2311652	No	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: js-beautify

The new version differs by 250 commits.

• 13b9a54 Release: 1.14.1
• ca785aa Merge remote-tracking branch 'origin/staging/main' into staging/release
• 49fa82c Bump version numbers for 1.14.1
• ef32da4 Update Changelog
• cb20409 Merge pull request #1993 from mhnaeem/feature/add-cmd-enter-for-mac
• 2df9f3e Fixing styling issues caught by CI
• 1f425d6 Merge remote-tracking branch 'origin/main' into feature/add-cmd-enter-for-mac
• 83f1bec Merge pull request #1996 from mhnaeem/bug/specify-black-package-version
• cf8617a bug: fix psf/black package version
• ab205a4 feature: allow mac users to use command+enter for submit button
• 6a919cc Merge pull request #1973 from kevinbackhouse/GHSL-2021-113-fix-ReDoS-second-attempt
• 19c5862 GHSL-2021-113: Fix ReDoS bug (second attempt).
• 37098ba Merge pull request #1970 from beautify-web/revert-1968-GHSL-2021-113-fix-ReDoS
• 229b237 Revert "GHSL-2021-113: fix ReDoS bug"
• 4b3fb85 Merge pull request #1968 from kevinbackhouse/GHSL-2021-113-fix-ReDoS
• 2024564 Merge branch 'main' into GHSL-2021-113-fix-ReDoS
• 034172d GHSL-2021-113: fix ReDoS bug
• f182350 Merge pull request #1967 from bitwiseman/task/normalize
• baee71c Fix diff
• ca29889 Update dependencies
• e5f6c48 Add line end normalization
• 157a3e0 Merge pull request #1966 from beautify-web/bitwiseman-patch-1
• d7774d9 Update main.yml
• 06aa63f Update main.yml

See the full diff

Package name: react-d3-graph

The new version differs by 23 commits.

• 21bf569 Release 1.3.0
• a515806 Customize color for a link ([Snyk] Fix for 12 vulnerabilities #79)
• f4405a6 Release 1.2.2 metadata and sandbox
• 543503a Fix/mouse over link highlight ([Snyk] Security upgrade recharts from 1.0.0-beta.10 to 2.3.0 #75)
• ee6c27a Fix/link highlight id number ([Snyk] Security upgrade react-scripts from 1.1.4 to 2.1.3 #74)
• a8fd7d9 Feature/move to node 8.11.0 ([Snyk] Security upgrade react-scripts from 1.1.4 to 4.0.0 #72)
• 694ef4f Fix/peer dependencies ([Snyk] Fix for 1 vulnerabilities #70)
• dd5fd5c Refactor/links build ([Snyk] Security upgrade react-scripts from 1.1.4 to 4.0.0 #69)
• a121317 Update CHANGELOG
• d27d62f Release 1.2.1
• ef2b507 Use caret ranges for d3 and react deps
• 2cf3a42 Move logic from graph component (highlight updates) ([Snyk] Security upgrade react-scripts from 1.1.4 to 5.0.0 #66)
• 9704563 Feature/update dependencies ([Snyk] Security upgrade react-scripts from 1.1.4 to 5.0.0 #65)
• e4ef748 Add fontColor as a configuration option for node's <text> fill property ([Snyk] Security upgrade react-scripts from 1.1.4 to 2.0.0 #64)
• 364166a Update CHANGELOG
• 9655ff7 Release 1.2.0
• 4570caa Improve naming across rd3g codebase ([Snyk] Security upgrade react-scripts from 1.1.4 to 2.1.3 #62)
• 35d2f33 Feature/update webpack ([Snyk] Security upgrade react-scripts from 1.1.4 to 2.0.0 #61)
• 7cb98c7 Feature/provide svg for nodes ([Snyk] Security upgrade react-scripts from 1.1.4 to 5.0.0 #60)
• a4ca82e Fixing a broken link ([Snyk] Security upgrade fabric-ca-client from 1.1.2 to 1.4.6 #55)
• dc04ab6 Feature/add prettier ([Snyk] Fix for 1 vulnerabilities #53)
• 9325bde Add .vscode config. Update .gitignore
• a1ebd5b Update stale thresholds

See the full diff

Package name: recharts

The new version differs by 250 commits.

• 3115b4d build 2.1.3
• 6f2551e fix: Customized component has no key (#2637)
• f5b8414 Fix XAxis scale propery type (#2641)
• ae02a4d Update README.md (#2649)
• 9aba237 build 2.1.2
• 300f726 Fix fragment children (#2481)
• 2805e0b fixes undefined field reference when optional variables not supplied (#2630)
• 89f3232 build 2.1.1
• c3381af fix: responsive container (#2622)
• 213d4a9 fix: fix format
• 8da1b74 build 2.1.0
• 2093a6b Wrap ResponsiveContainer with forwardRef (#2612)
• 281ea48 Add chart type to tooltip payload (#2599)
• 857663f Fix for recharts issue #1787 (#2604)
• af948a7 build 2.0.10
• 40a18f8 fix: show scatter chart tooltip cross cursor (#2592)
• 94e5808 Update Bar.tsx (#2582)
• e91fad3 Merge pull request #2516 from ckotyan/patch-1
• d857b4e Merge pull request #2512 from andy128k/patch-1
• e90a4e1 Merge pull request #2477 from bsell93/patch-1
• 8340d63 Merge pull request #2457 from anselmpaul/master
• 35840a0 Passthrough position attribute on createLabeledScales
• a0ab49c Fix barchart for a single data point
• d0b5781 allow automated axis padding for "gap" and "no-gap"

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.