Security: d3-color ReDoS vulnerability via d3-hsv dependency

### Description
@looker/components@5.0.3 has a transitive dependency on d3-color@1.4.1 through d3-hsv@0.1.0.

d3-color versions < 3.1.0 are vulnerable to ReDoS (GHSA-36jr-mh4h-2g58).

### Dependency chain
@looker/components → d3-hsv@0.1.0 → d3-color@1

### Request
Please update d3-hsv to a version that uses d3-color >= 3.1.0

### References
- https://github.com/d3/d3-color/issues/97
- https://github.com/advisories/GHSA-36jr-mh4h-2g58

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Security: d3-color ReDoS vulnerability via d3-hsv dependency #3008

Description

Dependency chain

Request

References

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Security: d3-color ReDoS vulnerability via d3-hsv dependency #3008

Description

Description

Dependency chain

Request

References

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions