Skip to content
This repository has been archived by the owner on Jul 9, 2022. It is now read-only.

[Snyk] Security upgrade react-vega from 6.1.0 to 7.1.0 #12

Open
wants to merge 8 commits into
base: master
Choose a base branch
from
Open

[Snyk] Security upgrade react-vega from 6.1.0 to 7.1.0 #12

wants to merge 8 commits into from

Conversation

snyk-bot
Copy link

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json
    • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Issue Breaking Change Exploit Maturity
low severity Insecure Configuration
SNYK-JS-VEGAEMBED-567898		 Yes No Known Exploit
Commit messages
Package name: react-vega The new version differs by 29 commits.

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:

馃 View latest project report

馃洜 Adjust project settings

馃摎 Read more about Snyk's upgrade and patch logic

ktmud and others added 8 commits September 25, 2019 16:16
@ktmud
Add support for Vega and Vega-lite
e167d2b 
Vega and Vega-Lite allow users to specify a JSON configuration
to declaratively define a complex interactive visualization.

It could thoeretically become the foundation of many visualizations
we already have.

This commit adds integration with Vega and Vega-Lite, with a lot
of code borrowed from the official Vega Editor[1].

[1] https://vega.github.io/editor/
@ktmud
update package.json
8e1c0a4
@ktmud
Adding schema_filter and table_filter for Presto runner
24fa150 
And load schemas one by one. This should improve performance
for large Presto instances where a single schema may contain
thousands of tables.

Plus, in lower version of Presto, sometimes the old query will throw
"outputFormat should not be accessed from a null StorageFormat"
error (see prestodb/presto#6972). This change allows us to skip
this error and still return valid results.
@ktmud
Add an extras field for Presto getredash#3909
46a8851 
This makes it possible to allow arbitrary connection parameters
that are not stored as configuration field.

Also extended Dynamic Forms to allow JSON validation.
@ktmud
Invalid JSON Must be discarded
129cac8
@ktmud
Merge branch 'vega'
a59ce79
@snyk-bot @ktmud
fix: package.json & package-lock.json to reduce vulnerabilities
49f103a 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-VEGAEMBED-567898
@snyk-bot @ktmud
fix: package.json & package-lock.json to reduce vulnerabilities
4b534d5 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-VEGAEMBED-567898
@ktmud ktmud force-pushed the master branch 2 times, most recently from a3336ce to 5afd055 Compare August 14, 2020 06:39
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
2 participants
@snyk-bot @ktmud