Installations
npm install @d3fc/d3fc-chart
Releases
@d3fc/d3fc-chart@5.1.9
Published on 30 Jul 2024
@d3fc/d3fc-webgl@3.2.1
Published on 30 Jul 2024
@d3fc/d3fc-series@6.1.3
Published on 30 Jul 2024
@d3fc/d3fc-annotation@3.0.16
Published on 30 Jul 2024
d3fc@15.2.13
Published on 30 Jul 2024
d3fc@15.2.12
Published on 02 Jul 2024
Developer
Developer Guide
Module System
CommonJS
Min. Node Version
Typescript Support
Yes
Node Version
20.15.0
NPM Version
10.7.0
Statistics
1,299 Stars
1,351 Commits
193 Forks
41 Watching
18 Branches
55 Contributors
Updated on 26 Nov 2024
Bundle Size
18.25 kB
Minified
6.02 kB
Minified + Gzipped
Languages
HTML (78.71%)
JavaScript (13.65%)
TypeScript (5.92%)
Shell (1.72%)
Total Downloads
Cumulative downloads
Total Downloads
855,579
Last day
-19.3%
1,664
Compared to previous day
Last week
12.9%
11,023
Compared to previous week
Last month
23.8%
40,175
Compared to previous month
Last year
10.8%
264,972
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
5
Peer Dependencies
2
Components to rapidly build fast, highly customisable, interactive charts with D3
Installation
The latest release of D3FC is available via npm or the unpkg CDN. The D3FC project is composed of a number of separate packages each of which can be installed via npm and used independently, or if you prefer you can install the entire D3FC bundle, which includes all of the separate packages -
npm install d3fc
1<script src="https://unpkg.com/d3"></script> 2<script src="https://unpkg.com/d3fc"></script>
Test your installation using the simple chart example.
Documentation
The following getting-started guides are available -
- Building a Chart - a walk through building a chart with D3FC and what makes it different from other libraries.
- The Decorate Pattern - the pattern D3FC employs, resulting in charting components that are both simple and flexible.
- Transitions - how to use D3 transitions with D3FC.
For API documentation see the corresponding package documentation -
- d3fc-annotation
- d3fc-axis
- d3fc-brush
- d3fc-chart
- d3fc-data-join
- d3fc-discontinuous-scale
- d3fc-element
- d3fc-extent
- d3fc-financial-feed
- d3fc-group
- d3fc-label-layout
- d3fc-pointer
- d3fc-random-data
- d3fc-rebind
- d3fc-sample
- d3fc-series
- d3fc-shape
- d3fc-technical-indicator
- d3fc-webgl
- d3fc-zoom
Examples can be found on the project website. These same examples are also available offline.
Framework integration examples:
There are also a number of other documents and articles that provide a bit more background regarding the design principles of D3FC -
- Unboxing D3 - there are numerous charting libraries that are 'built with D3', but all of them keep D3 'in its box' and as a result, you cannot unleash its full power!
- Extending D3 with Higher Order Components - a brief article that walks through the process of building a chart with D3FC
- Building a Complex Financial Chart with D3 and D3FC - a lengthy and detailed article that builds a complex and bespoke chart which you can view online here.
Developing
This project is a mono-repo that uses Lerna to manage dependencies between packages. To get started, run -
npm ci
npm test
When making changes to a package, you can execute the following either from within the package folder to build just that package or from the project root to build all packages -
npm run bundle
To open a development sandbox which is automatically updated when you save changes to source files, navigate to the project root and run -
npm start
CI
This project is equipped with a Continuous Integration (CI) pipeline using GitHub Actions. It runs a series of checks whenever a pull request to master is opened. The pipeline includes the following steps:
- Build: Verify that the code can be successfully built.
- Test: Tests the application to ensure that new changes do not introduce regressions.
- Linting: The code is analyzed for adherence to coding standards and best practices, using eslint, markdownlint, and commitlint.
See Conventional Commits for a more detailed explaination.
When opening a PR, be mindful of (and make necessary changes in accordance with) these checks.
Releases
Releases are managed via CI and Changesets.
When contributing to the project, developers should add a changeset.
A changeset is a Markdown file with YAML front matter. The contents of the Markdown is the change summary which will be written to the changelog and the YAML front matter describes what packages have changed and what SemVer bump types they should be
1--- 2"@d3fc": major 3"@d3fc/d3fc-annotation": minor 4--- 5 6Change all the things
Changesets should include:
- WHAT the change is
- WHY the change was made
- HOW a consumer should update their code
Adding a changeset
To add a changeset, before putting up a PR, contributors should:
- Run the command line script
npx changeset
- Select the packages you want to include in the changeset using ↑ and ↓ to navigate to packages, and space to select a package.
- Hit enter when all desired packages are selected.
- You will be prompted to select a bump type for each selected package.
- Select an appropriate bump type for the changes made. See SemVer Versioning
Your final prompt will be to provide a message to go alongside the changeset. This will be written into the changelog when the next release occurs.
Dependabot updates should not affect the consumer, and so do not need a Changeset. These will have PATCH (x.x.1
) version bumps.
SemVer Versioning
From SemVer -
- MAJOR version when you make incompatible API changes (
1.x.x
) - MINOR version when you add functionality in a backward compatible manner (
x.1.x
) - PATCH version when you make backward compatible bug fixes (
x.x.1
)
Github tags and releases are done using the Tag Release on Push action. By default, a minor
version bump will be added. To override this, use release:major
, release:minor
, or release:patch
on PRs. Only one of these tags should be added to a PR.
From SemVer -
- MAJOR version when you make incompatible API changes
- MINOR version when you add functionality in a backward compatible manner
- PATCH version when you make backward compatible bug fixes
License
These components are licensed under the MIT License.
Sponsors
Project supported by Scott Logic.
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
all changesets reviewed
Reason
no binaries found in the repo
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
dependency not pinned by hash detected -- score normalized to 5
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/create-release-notes.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/d3fc/d3fc/create-release-notes.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/create-release-notes.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/d3fc/d3fc/create-release-notes.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/development.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/d3fc/d3fc/development.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/development.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/d3fc/d3fc/development.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/development.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/d3fc/d3fc/development.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/development.yml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/d3fc/d3fc/development.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/d3fc/d3fc/release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/d3fc/d3fc/release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/d3fc/d3fc/release.yml/master?enable=pin
- Info: 0 out of 7 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 2 third-party GitHubAction dependencies pinned
- Info: 3 out of 3 npmCommand dependencies pinned
Reason
8 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-8hc4-vh64-cxmj
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-36jr-mh4h-2g58
- Warn: Project is vulnerable to: GHSA-6vfc-qv3f-vr6c
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-gcx4-mw62-g8wm
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: jobLevel 'contents' permission set to 'write': .github/workflows/release.yml:20
- Warn: no topLevel permission defined: .github/workflows/create-release-notes.yml:1
- Warn: no topLevel permission defined: .github/workflows/development.yml:1
- Warn: no topLevel permission defined: .github/workflows/release.yml:1
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 30 are checked with a SAST tool
Score
4.3
/10
Last Scanned on 2024-11-25
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn MoreOther packages similar to @d3fc/d3fc-chart
@d3fc/d3fc-brush
Adapts the D3 brush, making it easier to create data-driven brushed charts.
@d3fc/d3fc-webgl
A collection of utilities to enable drawing to WebGL canvases
@d3fc/d3fc-pointer
Component which emits the current mouse or touch position over a selection
@d3fc/d3fc-element
Custom HTML elements that make it easier to create responsive visualisations that integrate easily with other UI frameworks (e.g. React, Angular)