Skip to content

Home

Jump to bottom Edit New page
Coltin Kifer edited this page Dec 30, 2022 · 10 revisions

Welcome to the recharts wiki!

Why is my build breaking in 2.1.13 and 2.1.14?

  • d3 upgraded their libraries to be ESM only - this means that any consumer of recharts that upgraded to these patch versions of recharts that used jest or next in their projects also broke as those libraries don't support ESM. We reverted this change in 2.1.15+ due to breaking our consumers.

Why do I have a security vulnerability from d3-color?

  • Due to reverting the above, we have been on d3-color@2 which includes a ReDos security vulnerability - https://github.com/recharts/recharts/issues/3012
  • A non-breaking change is being worked on by replacing d3 libraries with victory-vendor/d3-*. Please see this blogpost from victory about them facing this issue and open sources a cjs solution to the problem.
    • victory-vendor takes some select d3 libraries at their latest -> converts them from ESM to CJS -> then adds them back to npm. This is what we are using to prevent breaking our consumers.

https://recharts.org/

Add a custom sidebar
Clone this wiki locally