Skip to content

build(deps): bump vega-functions from 5.12.0 to 5.13.2 in /shell-ui #4064

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

build(deps): bump vega-functions from 5.12.0 to 5.13.2 in /shell-ui #4064

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github May 30, 2023

Bumps vega-functions from 5.12.0 to 5.13.2.

Release notes

Sourced from vega-functions's releases.

v5.13.0

Notable Changes

  • Improved Streaming Performance.

    For performance, Vega caches a lot of internal data structures, including calculated tuples, scenegraph items, and SVG DOM nodes. Previously, nested scopes (such as those created for facetted data) that result in vega-runtime subcontexts were never cleaned. If no external View API calls are made, this is fine, and actually improves performance for interaction-driven dynamic filtering. However, when providing streaming data to Vega through the View API, uncleaned caches and subcontexts can result in substantial memory leaks that also eventually degrade performance.

    This version adds mechanisms for clearing caches and detaching subflows to support streaming data within nested specifications. When input data is removed via a View API call or via signal-valued URL, Vega will now by default trigger garbage collection to reclaim resources. This behavior can be disabled by calling clean(false) on a constructed ChangeSet passed to the View API.

  • Improved Cursor Performance.

    Previously Vega updated the cursor style on the HTML document body. This persists cursor settings even during interactions (such as drags) that may leave the Vega View component. However, it also can result in large performance penalties in Chrome, which re-evaluates CSS styles in response. This version changes the default behavior to set the cursor locally on the Vega View component. If a global cursor is desired, the boolean config property events.globalCursor can be set true or the View method globalCursor can be invoked to change the setting at runtime.

  • Optional Expression Interpreter.

    This release adds interpreter support for Vega expressions that is Content Security Policy (CSP) compliant. By default, the Vega parser performs code generation for parsed Vega expressions, and the Vega runtime uses the Function constructor to create JavaScript functions from the generated code. Although the Vega parser includes its own security checks, the runtime generation of functions from source code nevertheless violates security policies designed to prevent cross-site scripting.

    This release provides an interpreter plug-in (the new vega-interpreter package) that evaluates expressions by traversing an Abstract Syntax Tree (AST) for an expression and performing each operation in turn. Use of the interpreter enables compliance with CSP, but can incur a performance penalty. In tests of initial parse and dataflow evaluation times, the interpreter is on average ~10% slower. Interactive updates may incur higher penalties, as they are often more expression-heavy and amortize the one-time cost of Function constructor parsing.

Changelog

Changes from v5.12.3:

vega

  • Update stream.html and stream-nested.html performance test pages.

vega-dataflow

  • Add detach method to Operator to remove adjacent edges (listeners) from the dataflow graph.
  • Add clean setter to ChangeSet, set to true by default if any tuples are removed.
  • Add clean getter/setter to Pulse, propagate value to forked pulses if they share a data source.
  • Update logging calls during Dataflow evaluation.

vega-encode

  • Update DataJoin transform to clean internal map when pulse.clean() is true.
  • Update Scale to include domainMid as an extrema if it exceeds the domain min or max. (#2656)

vega-functions

  • Fix scale function to not special case undefined input. This ensures identical semantics with the internal _scale helper function used by code-generated encoders.

vega-geo

  • Update d3-geo dependency.

vega-interpreter

... (truncated)

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
build(deps): bump vega-functions from 5.12.0 to 5.13.2 in /shell-ui
678a30d 
Bumps [vega-functions](https://github.com/vega/vega) from 5.12.0 to 5.13.2.
- [Release notes](https://github.com/vega/vega/releases)
- [Commits](https://github.com/vega/vega/commits)

---
updated-dependencies:
- dependency-name: vega-functions
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot requested a review from a team as a code owner May 30, 2023 11:30
@dependabot dependabot bot added javascript Pull requests that update Javascript code kind:dependencies Pull requests that update a dependency file labels May 30, 2023
@dependabot dependabot bot mentioned this pull request May 30, 2023
Closed
@bert-e
Copy link
Contributor

bert-e commented May 30, 2023

Hello dependabot[bot],

My role is to assist you with the merge of this
pull request. Please type @bert-e help to get information
on this process, or consult the user documentation.

Status report is not available.

The following options are set: bypass_author_approval, bypass_jira_check

@bert-e
Copy link
Contributor

bert-e commented May 30, 2023

Waiting for approval

The following approvals are needed before I can proceed with the merge:

  • the author

  • one peer

Peer approvals must include at least 1 approval from the following list:

The following options are set: bypass_author_approval, bypass_jira_check

@dependabot dependabot bot changed the base branch from development/125.0 to development/126.0 June 6, 2023 20:07
@bert-e
Copy link
Contributor

bert-e commented Jun 6, 2023

Waiting for approval

The following approvals are needed before I can proceed with the merge:

  • the author

  • one peer

Peer approvals must include at least 1 approval from the following list:

The following options are set: bypass_author_approval, bypass_jira_check

@dependabot Dependabot
Copy link
Contributor Author

dependabot bot commented on behalf of github Mar 27, 2025

Superseded by #4549.

@dependabot dependabot bot closed this Mar 27, 2025
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/shell-ui/vega-functions-5.13.2 branch March 27, 2025 14:14
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
javascript Pull requests that update Javascript code kind:dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@bert-e