Bump d3-color from 2.0.0 to 3.1.0 #5
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Member
|
looks great, but could you update |
Author
|
Hi Alex,
I ran ‘npm i’ for you. It did result in a large number of changes to package-lock.json. This may just be restructuring due to your older npm version? Let me know what you think.
Cheers,
Josh Morphew
On 24 Feb 2024, at 1:37 am, Alex Socha ***@***.***> wrote:
looks great, but could you update package-lock.json too please (just run npm i)
—
Reply to this email directly, view it on GitHub<#5 (comment)>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/A65XDAZF6BBNYPFFTF6MXK3YVCSR5AVCNFSM6AAAAABDUIQMEWVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTSNRRGQ2DONBZG4>.
You are receiving this because you authored the thread.Message ID: ***@***.***>
|
Author
|
Would you rather I do a more specific install instead? 'npm i d3-color' should be more manageable to look over and leave the other dependencies untouched for the moment. As you know, 'npm i' updates other packages as well based on semver ranges specified in 'package.json' which has resulted in a lot of the older packages being updated too. Over 5000 changes is nuts to check. |
Member
|
Yep that sounds more reasonable for now
…On Tue, 27 Feb 2024 at 5:27 am, Joshua Morphew ***@***.***> wrote:
Would you rather I do a more specific install instead? 'npm i d3-color'
should be more manageable to look over and leave the other dependencies
untouched for the moment. As you know, 'npm i' updates other packages as
well based on semver ranges specified in 'package.json' which has resulted
in a lot of the older packages being updated too. Over 5000 changes is nuts
to check.
—
Reply to this email directly, view it on GitHub
<#5 (comment)>, or
unsubscribe
<https://github.com/notifications/unsubscribe-auth/ABKPFOY7Z6YCIMPQBAREK3TYVT44DAVCNFSM6AAAAABDUIQMEWVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTSNRVGMZDEMBTGE>
.
You are receiving this because you commented.Message ID:
***@***.***>
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Bumps d3-color from 2.0.0 to 3.1.0
Link to d3-color security vulnerability notes from IBM Support
I am not sure how to formally write a PR, sorry about the informalities.