@Joshnovski
Using npm i d3-color updated the structure of package-lock.json as well. I discovered that this was because I was using a recent version of npm and node.js. To remedy this, I rolled my npm and node to versions compatible with the structure you have for package-lock.json, i.e. (npm 6.7.0 and node 11.15.0). This resulted in far smaller update changes in package-lock.json.

I want to note that, although I have updated d3-color, d3-interpolate and d3-transition still want to use d3-color 2.0.0. You will see in the change log that it is bound to versions "1-2".

On a side note, the fix I have currently implemented in my own project to overcome the current d3-color vulnerability is adding this override (I included dependencies for context):

  "dependencies": {
    "@babel/plugin-proposal-class-properties": "^7.18.6",
    "algorithmx": "^2.0.2",
    "jsnetworkx": "github:Joshnovski/jsnetworkx#update-lodash",
    "react": "^18.2.0",
    "react-dom": "^18.2.0",
    "react-router-dom": "^6.22.0",
    "seedrandom": "^3.0.5"
  },
  "overrides": {
    "d3-color": "3.1.0"
  }

This goes at the bottom of my package.json file. With this override, plus running npm i, I am not getting vulnerability flags on my end.
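An override only helps if every copy of d3-color in the lockfile, including nested copies pulled in by dependants such as d3-interpolate, resolves to the pinned version. The following is an added example (not code from this PR or from the d3 projects) that walks a package-lock.json in either the npm 6 (v1, nested "dependencies") or npm 7+ (v2/v3, flat "packages") layout and lists any copy still below a minimum version; the two sample lockfiles are constructed, not real project data.

```javascript
// Added example: confirm an "overrides" pin held by listing every resolved copy
// of a package in package-lock.json (lockfile v1 nested tree and v2/v3 flat map).

// Compare "x.y.z" strings numerically; pre-release suffixes are ignored.
function versionLess(a, b) {
  const pa = a.split("-")[0].split(".").map(Number);
  const pb = b.split("-")[0].split(".").map(Number);
  for (let i = 0; i < 3; i++) {
    if ((pa[i] || 0) !== (pb[i] || 0)) return (pa[i] || 0) < (pb[i] || 0);
  }
  return false;
}

// Every resolved copy of `name` in the lockfile as { path, version }.
function findInstalled(lock, name) {
  const found = [];
  if (lock.packages) { // lockfile v2/v3: flat map keyed by install path
    for (const [p, meta] of Object.entries(lock.packages)) {
      if (p === `node_modules/${name}` || p.endsWith(`/node_modules/${name}`)) {
        found.push({ path: p, version: meta.version });
      }
    }
  } else if (lock.dependencies) { // lockfile v1 (npm 6): nested tree
    const walk = (deps, prefix) => {
      for (const [dep, meta] of Object.entries(deps)) {
        const p = `${prefix}node_modules/${dep}`;
        if (dep === name) found.push({ path: p, version: meta.version });
        if (meta.dependencies) walk(meta.dependencies, `${p}/`);
      }
    };
    walk(lock.dependencies, "");
  }
  return found;
}

// Copies of `name` still below `minVersion`; an empty array means the pin held.
function belowMinimum(lock, name, minVersion) {
  return findInstalled(lock, name).filter((e) => versionLess(e.version, minVersion));
}

// Constructed sample lockfiles (not real project data).
const lockBeforeOverride = { lockfileVersion: 1, dependencies: { // nested 2.0.0 copy
  "d3-color": { version: "3.1.0" },
  "d3-interpolate": { version: "2.0.1", dependencies: { "d3-color": { version: "2.0.0" } } },
} };
const lockAfterOverride = { lockfileVersion: 2, packages: { // single hoisted copy
  "node_modules/d3-color": { version: "3.1.0" },
  "node_modules/d3-interpolate": { version: "2.0.1" },
} };
```

To check a real lockfile, load it with `JSON.parse(fs.readFileSync("package-lock.json", "utf8"))` and pass it to `belowMinimum(lock, "d3-color", "3.1.0")`.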

@Joshnovski (Author)

Let me know what you think when you get time
