fix(deps): update nivo monorepo to ^0.88.0

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
@nivo/bar (source)	^0.80.0 -> ^0.88.0
@nivo/core (source)	^0.80.0 -> ^0.88.0
@nivo/pie (source)	^0.80.0 -> ^0.88.0
@nivo/stream (source)	^0.84.0 -> ^0.88.0

---

Release Notes

plouc/nivo (@​nivo/bar)

v0.88.0

Compare Source

What's Changed

• feat(bar): added aria hidden and disabled flag by @​jingcai86 in https://github.com/plouc/nivo/pull/2566
• feat(Bar): Add option to chose label position by @​evasseure in https://github.com/plouc/nivo/pull/2585
• feat(radar): add onClick handler by @​Nino3103 in https://github.com/plouc/nivo/pull/2601
• (feat)Line: add support for hiding line charts by default by @​clcatalan in https://github.com/plouc/nivo/pull/2540
• Allow custom legendNode for markers by @​Bigood in https://github.com/plouc/nivo/pull/2432
• Add getColor to props provided to custom layers by @​lemps in https://github.com/plouc/nivo/pull/2651
• Allow for actual motionConfig proptypes on by @​Josh-a-e in https://github.com/plouc/nivo/pull/2653

New Contributors

• @​jingcai86 made their first contribution in https://github.com/plouc/nivo/pull/2566
• @​evasseure made their first contribution in https://github.com/plouc/nivo/pull/2585
• @​Nino3103 made their first contribution in https://github.com/plouc/nivo/pull/2601
• @​clcatalan made their first contribution in https://github.com/plouc/nivo/pull/2540
• @​Bigood made their first contribution in https://github.com/plouc/nivo/pull/2432
• @​lemps made their first contribution in https://github.com/plouc/nivo/pull/2651

Full Changelog: plouc/nivo@v0.87.0...v0.88.0

v0.87.0

Compare Source

What's Changed

• Fix area rendering disparity of line canvas compared to line svg by @​MatinAniss in https://github.com/plouc/nivo/pull/2558
• Add mesh to bump chart by @​santiperone in https://github.com/plouc/nivo/pull/2496
• fix: Add missing key to BarTotals by @​dbuhon in https://github.com/plouc/nivo/pull/2575
• Bump mesh improvements by @​plouc in https://github.com/plouc/nivo/pull/2572
• feat(line): remove prop-types as we're supposed to rely on TS by @​plouc in https://github.com/plouc/nivo/pull/2576
• feat(recompose): completely remove recompose from the project by @​plouc in https://github.com/plouc/nivo/pull/2577
• fix(bar): fix canvas grid lines not considering margin by @​plouc in https://github.com/plouc/nivo/pull/2578
• feat(Line): passing the full Point info to the AccessorFunc for Label by @​akassaei in https://github.com/plouc/nivo/pull/2541
• fix(core): use readonly arrays for props as the libraries do not modify them by @​pcorpet in https://github.com/plouc/nivo/pull/2588
• @​nivo/tree by @​plouc in https://github.com/plouc/nivo/pull/2582

New Contributors

• @​MatinAniss made their first contribution in https://github.com/plouc/nivo/pull/2558
• @​santiperone made their first contribution in https://github.com/plouc/nivo/pull/2496
• @​dbuhon made their first contribution in https://github.com/plouc/nivo/pull/2575
• @​akassaei made their first contribution in https://github.com/plouc/nivo/pull/2541

Full Changelog: plouc/nivo@v0.86.0...v0.87.0

v0.86.0

Compare Source

What's Changed

• fix(website): fix time based scale ticks demos by @​plouc in https://github.com/plouc/nivo/pull/2532
• feat(Bar): add bar totals by @​joaopedromatias in https://github.com/plouc/nivo/pull/2525
• Rewrite componentId to support react17 by @​Alex-Spike in https://github.com/plouc/nivo/pull/2545
• Bugfix/2490 tooltip theme by @​gtibrett in https://github.com/plouc/nivo/pull/2552

New Contributors

• @​joaopedromatias made their first contribution in https://github.com/plouc/nivo/pull/2525
• @​Alex-Spike made their first contribution in https://github.com/plouc/nivo/pull/2545
• @​gtibrett made their first contribution in https://github.com/plouc/nivo/pull/2552

Full Changelog: plouc/nivo@v0.85.1...v0.86.0

v0.85.1

Compare Source

What's Changed

• Tooltip: avoid a flash effect and weird initial transition by @​DimaAmega in https://github.com/plouc/nivo/pull/2480
• feat(deps): upgrade d3-scale due to vulnerability by @​plouc in https://github.com/plouc/nivo/pull/2531

New Contributors

• @​DimaAmega made their first contribution in https://github.com/plouc/nivo/pull/2480

Full Changelog: plouc/nivo@v0.85.0...v0.85.1

v0.85.0

Compare Source

What's Changed

• refactor default props to fix error message by @​andre19980 in https://github.com/plouc/nivo/pull/2452
• fix(sankey): update onClick types in sankey chart to respect generics by @​stas-demydiuk in https://github.com/plouc/nivo/pull/2509
• chore: upgrade d3-color and d3-scale-chromatic by @​icco in https://github.com/plouc/nivo/pull/2466
• Fix: add initial property for truncateTickAt by @​scalabw in https://github.com/plouc/nivo/pull/2504
• fix tooltip default color by @​scalabw in https://github.com/plouc/nivo/pull/2521
• Touch crosshair for line graphs by @​WilliamABradley in https://github.com/plouc/nivo/pull/2524
• fix(marimekko): use readonly arrays for props as the library does not modify them by @​pcorpet in https://github.com/plouc/nivo/pull/2493
• fix(line): use readonly arrays for props as the library does not modify them by @​pcorpet in https://github.com/plouc/nivo/pull/2494
• Fix (peer) dependencies by @​marvinruder in https://github.com/plouc/nivo/pull/2528

New Contributors

• @​andre19980 made their first contribution in https://github.com/plouc/nivo/pull/2452
• @​stas-demydiuk made their first contribution in https://github.com/plouc/nivo/pull/2509
• @​icco made their first contribution in https://github.com/plouc/nivo/pull/2466
• @​scalabw made their first contribution in https://github.com/plouc/nivo/pull/2504
• @​WilliamABradley made their first contribution in https://github.com/plouc/nivo/pull/2524
• @​marvinruder made their first contribution in https://github.com/plouc/nivo/pull/2528

Full Changelog: plouc/nivo@v0.84.0...v0.85.0

v0.84.0

Compare Source

What's Changed

• fix(bar): use readonly arrays for props as the library does not modif… by @​pcorpet in https://github.com/plouc/nivo/pull/2377
• fix(pie): use readonly arrays for props as the library does not modif… by @​pcorpet in https://github.com/plouc/nivo/pull/2431
• Fix Bar SSR by @​OleksandrRakovets in https://github.com/plouc/nivo/pull/2464
• Pie: Add the ability to programmatically control the activeId by @​plouc in https://github.com/plouc/nivo/pull/2465

New Contributors

• @​pcorpet made their first contribution in https://github.com/plouc/nivo/pull/2377
• @​OleksandrRakovets made their first contribution in https://github.com/plouc/nivo/pull/2464

Full Changelog: plouc/nivo@v0.83.1...v0.84.0

v0.83.1

Compare Source

What's Changed

• @​nivo/parallel-coordinates next by @​plouc in https://github.com/plouc/nivo/pull/2329
• Add tests for gradients attribute by @​hyjoong in https://github.com/plouc/nivo/pull/2338
• fix: Lodash - use module imports by @​vio in https://github.com/plouc/nivo/pull/2349
• Resolved BoxPlot types not being included in build output by @​NicolasNewman in https://github.com/plouc/nivo/pull/2351
• Fix website component search by @​aautem in https://github.com/plouc/nivo/pull/2371
• fix: waffle types missing from dist by @​brammitch in https://github.com/plouc/nivo/pull/2375
• Fix arcLinkLabelsOffset for pie chart by @​aautem in https://github.com/plouc/nivo/pull/2369
• feat/export responsive bar props TypeScript types by @​ollwenjones in https://github.com/plouc/nivo/pull/2396
• fix(stream): fix stream diagram overflowing by @​baldulin in https://github.com/plouc/nivo/pull/2392
• fix GitHub workflow badge URL by @​shoito in https://github.com/plouc/nivo/pull/2453
• Fix failing builds by @​plouc in https://github.com/plouc/nivo/pull/2460
• shiftArray in calendar/src/compute/timeRange.ts should not mutate its argument by @​wirhabenzeit in https://github.com/plouc/nivo/pull/2420
• fix(core): upgrade d3-interpolate and d3-scale-chromatic by @​plouc in https://github.com/plouc/nivo/pull/2461
• Feature/bar chart truncate axes ticks by @​SebasQuirogaUCP in https://github.com/plouc/nivo/pull/2405
• feat(legends): export SymbolProps by @​plouc in https://github.com/plouc/nivo/pull/2462

New Contributors

• @​hyjoong made their first contribution in https://github.com/plouc/nivo/pull/2338
• @​vio made their first contribution in https://github.com/plouc/nivo/pull/2349
• @​NicolasNewman made their first contribution in https://github.com/plouc/nivo/pull/2351
• @​aautem made their first contribution in https://github.com/plouc/nivo/pull/2371
• @​baldulin made their first contribution in https://github.com/plouc/nivo/pull/2392
• @​shoito made their first contribution in https://github.com/plouc/nivo/pull/2453
• @​wirhabenzeit made their first contribution in https://github.com/plouc/nivo/pull/2420
• @​SebasQuirogaUCP made their first contribution in https://github.com/plouc/nivo/pull/2405

Full Changelog: plouc/nivo@v0.83.0...v0.83.1

v0.83.0

Compare Source

What's Changed

• Waffle next by @​plouc in https://github.com/plouc/nivo/pull/2320
• Remove all references to react-motion by @​plouc in https://github.com/plouc/nivo/pull/2324
• Move @​nivo/core as a regular dependency in all dependent packages by @​plouc in https://github.com/plouc/nivo/pull/2325
• feat(infrastructure): remove bump-peer-deps script by @​plouc in https://github.com/plouc/nivo/pull/2326

Full Changelog: plouc/nivo@v0.82.1...v0.83.0

v0.82.1

Compare Source

Attempt to fix https://github.com/plouc/nivo/issues/2319, but it's still an issue.

v0.82.0

Compare Source

What's Changed

• fix(canvas): fix getRelativeCursor for non SVG implementations by @​plouc in https://github.com/plouc/nivo/pull/2125
• fix(website): remove orient prop from axisBottom and axisLeft by @​hayawata3626 in https://github.com/plouc/nivo/pull/2134
• Minor docs fix for specifying color by @​Josh-a-e in https://github.com/plouc/nivo/pull/2139
• chore(deps): bump luxon from 1.28.0 to 1.28.1 by @​dependabot in https://github.com/plouc/nivo/pull/2215
• chore(deps): bump json5 from 1.0.1 to 1.0.2 by @​dependabot in https://github.com/plouc/nivo/pull/2212
• chore(deps): bump express from 4.17.1 to 4.17.3 by @​dependabot in https://github.com/plouc/nivo/pull/2200
• chore(deps): bump decode-uri-component from 0.2.0 to 0.2.2 by @​dependabot in https://github.com/plouc/nivo/pull/2195
• chore(deps): bump socket.io-parser from 4.0.4 to 4.0.5 by @​dependabot in https://github.com/plouc/nivo/pull/2179
• Check if ResizeObserver is defined instead of checking window object by @​andriuss in https://github.com/plouc/nivo/pull/2222
• chore(deps): bump ua-parser-js from 0.7.31 to 0.7.33 by @​dependabot in https://github.com/plouc/nivo/pull/2227
• chore(deps): bump qs from 6.5.2 to 6.5.3 by @​dependabot in https://github.com/plouc/nivo/pull/2193
• chore(deps): bump loader-utils from 1.4.0 to 1.4.2 by @​dependabot in https://github.com/plouc/nivo/pull/2183
• chore(deps): bump d3-color from 2.0.0 to 3.1.0 by @​dependabot in https://github.com/plouc/nivo/pull/2142
• chore(deps): bump @​sideway/formula from 3.0.0 to 3.0.1 by @​dependabot in https://github.com/plouc/nivo/pull/2260
• bugfix: fix CustomLayerProps lineGenerator type by removing unnecessary Array type by @​kendrickt in https://github.com/plouc/nivo/pull/2238
• Add mouse events to line slices by @​sigmike in https://github.com/plouc/nivo/pull/2128
• Bugfix/website/bar add legends fix by @​Nanak360 in https://github.com/plouc/nivo/pull/2282
• fix: Relax constraints on @react-spring/web by @​dubzzz in https://github.com/plouc/nivo/pull/2280
• Introduce a @​nivo/boxplot package by @​tkonopka in https://github.com/plouc/nivo/pull/1991
• Add firstWeekday attr to calendar/TimeRange by @​yzalvov in https://github.com/plouc/nivo/pull/2299
• Infrastructure maintenance by @​plouc in https://github.com/plouc/nivo/pull/2313
• Upgrade Gatsby by @​plouc in https://github.com/plouc/nivo/pull/2315
• Boxplot doc by @​plouc in https://github.com/plouc/nivo/pull/2316
• Add support for end-to-end tests via cypress by @​plouc in https://github.com/plouc/nivo/pull/2317
• Upgrade Lerna by @​plouc in https://github.com/plouc/nivo/pull/2318

New Contributors

• @​hayawata3626 made their first contribution in https://github.com/plouc/nivo/pull/2134
• @​Josh-a-e made their first contribution in https://github.com/plouc/nivo/pull/2139
• @​andriuss made their first contribution in https://github.com/plouc/nivo/pull/2222
• @​kendrickt made their first contribution in https://github.com/plouc/nivo/pull/2238
• @​sigmike made their first contribution in https://github.com/plouc/nivo/pull/2128
• @​Nanak360 made their first contribution in https://github.com/plouc/nivo/pull/2282
• @​dubzzz made their first contribution in https://github.com/plouc/nivo/pull/2280
• @​yzalvov made their first contribution in https://github.com/plouc/nivo/pull/2299

Full Changelog: plouc/nivo@v0.80.0...v0.82.0

v0.81.0

Compare Source

v0.81.0 (2023-04-26)

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[sonarcloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
0.0% Duplication on New Code

See analysis details on SonarCloud

[socket-security]

Report too large to display inline

View full report↗︎

[socket-security]

🚨 Potential security issues detected. Learn more about Socket for GitHub ↗︎

To accept the risk, merge this PR and you will not be notified again.

Alert	Package	Note	Source	CI
Protestware or potentially unwanted behavior	npm/[email protected]	Note: The script attempts to run a local post-install script, which could potentially contain malicious code. The error handling suggests that it is designed to fail silently, which is a common tactic in malicious scripts.	api/yarn.lock	⚠︎
Protestware or potentially unwanted behavior	npm/[email protected]	Note: This package prints a protestware console message on install regarding Ukraine for users with Russian language locale	api/yarn.lock	⚠︎
Critical CVE	npm/[email protected]	CVE: GHSA-xwcq-pm8m-c4vf crypto-js PBKDF2 1,000 times weaker than specified in 1993 and 1.3M times weaker than current standard (CRITICAL) Affected versions: < 4.2.0 Patched version: 4.2.0	app/yarn.lock	⚠︎

View full report↗︎

Next steps

What is protestware?

This package is a joke, parody, or includes undocumented or hidden behavior unrelated to its primary function.

Consider that consuming this package may come along with functionality unrelated to its primary purpose.

What is a critical CVE?

Contains a Critical Common Vulnerability and Exposure (CVE).

Remove or replace dependencies that include known critical CVEs. Consumers can use dependency overrides or npm audit fix --force to remove vulnerable dependencies.

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of ecosystem/package-name@version specifiers. e.g. @SocketSecurity ignore npm/[email protected] or ignore all packages with @SocketSecurity ignore-all

• @SocketSecurity ignore npm/[email protected]
• @SocketSecurity ignore npm/[email protected]

[sonarcloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud