I have a node dependency tree that looks like this:
$:app user1$ npm ls d3-color
app@0.1.0 /Users/user1/workspace/fe/app
├─┬ @ant-design/charts@1.4.2
│ └─┬ @ant-design/maps@1.0.4
│ └─┬ @antv/l7plot@0.0.13
│ └─┬ @antv/l7@2.9.25
│ ├─┬ @antv/l7-layers@2.9.25
│ │ └── d3-color@1.4.1
│ └─┬ @antv/l7-utils@2.9.25
│ └── d3-color@1.4.1
├─┬ @antv/g2plot@2.4.20
│ └─┬ @antv/g2@4.2.7
│ └─┬ @antv/g-base@0.5.11
│ └─┬ d3-interpolate@1.4.0
│ └── d3-color@1.4.1
├─┬ @nivo/core@0.78.0
│ ├── d3-color@2.0.0
│ ├─┬ d3-interpolate@2.0.1
│ │ └── d3-color@2.0.0 deduped
│ ├─┬ d3-scale-chromatic@2.0.0
│ │ ├── d3-color@2.0.0
│ │ └─┬ d3-interpolate@2.0.1
│ │ └── d3-color@2.0.0 deduped
│ └─┬ d3-scale@3.3.0
│ └─┬ d3-interpolate@2.0.1
│ └── d3-color@2.0.0
├─┬ @nivo/pie@0.78.0
│ └─┬ @nivo/colors@0.78.0
│ └── d3-color@2.0.0
└── d3-color@3.1.0
I want to update the d3-color@1.4.1 which is 5th level down from the top to d3-color@3.1.0
I've tried doing yarn upgrade d3-color@3.1.0 but it doesn't work. It just updates some but not all and for some other packages, it doesn't upgrade at all.
I need to do this in order to avoid High classified vulnerabilities in my Docker image being caused by this particular (and other similar) packages.
Any help would be greatly appreciated!
