Please update d3-color dependency to >=3.1.0 (security fix)

[jegly]

The current version of react-simple-maps depends on d3-color@2.x, which is vulnerable to a Regular Expression Denial of Service (ReDoS).

• Affected package: d3-color (<3.1.0)
• Patched version: 3.1.0
• Root cause: react-simple-maps pins d3-color@2.x, preventing Dependabot from upgrading.

Request:
Please bump the dependency to d3-color@^3.1.0 (or a compatible range) so downstream projects can patch the vulnerability.

References:

• npm advisory for d3-color
• Dependabot alert showing incompatibility.

Thanks for maintaining this project!

[geoff-tw]

Would like this too <3

[tkon0018]

yes, would like this too

[rnike]

saw it's update in the latest commit b322da5 on main branch, @zimrick could you publish a new npm release?

[rmartins0]

This library looks to be dead. You might be able to get a workaround using overrides property in package.json.