The latest version of @plotly/d3-sankey contains some vulnerabilities according to "npm audit":
14 vulnerabilities (11 moderate, 2 high, 1 critical)
I'm not using this package directly but instead it is being referenced through plotly.js (and I'm using plotly.js). But I'm just seeing if this project is active enough that perhaps these vulnerabilities will be addressed at some point. I'm certainly no expert with this but it appears that the vulnerabilities are related to packages that need upgrading to newer versions.
The latest version of @plotly/d3-sankey contains some vulnerabilities according to "npm audit":
14 vulnerabilities (11 moderate, 2 high, 1 critical)
I'm not using this package directly but instead it is being referenced through plotly.js (and I'm using plotly.js). But I'm just seeing if this project is active enough that perhaps these vulnerabilities will be addressed at some point. I'm certainly no expert with this but it appears that the vulnerabilities are related to packages that need upgrading to newer versions.