Fix: arrow sizing issue

[mahabeer-indiit]

The arrow was not visible when providing arrowSize. Fixed with relative position and height, width defaults to zero.

[corgea]

🐕 Corgea found the following new SCA issues in the codebase:

Package	CVE	Severity	Version	Fixed Version	Ecosystem	Summary
form-data	CVE-2025-7783	CRITICAL	3.0.1	3.0.4	npm	form-data uses unsafe random function in form-data for choosing boundary
@babel/traverse	CVE-2023-45133	CRITICAL	7.21.3	7.23.2	npm	Babel vulnerable to arbitrary code execution when compiling specifically crafted malicious code
fast-xml-parser	CVE-2026-25896	CRITICAL	4.1.3	4.5.4	npm	fast-xml-parser has an entity encoding bypass via regex injection in DOCTYPE entity names
flatted	CVE-2026-33228	HIGH	3.2.7	3.4.2	npm	Prototype Pollution via parse() in NodeJS flatted
tar	CVE-2026-23950	HIGH	6.1.13	7.5.4	npm	Race Condition in node-tar Path Reservations via Unicode Ligature Collisions on macOS APFS
rollup	CVE-2026-27606	HIGH	4.12.1	4.59.0	npm	Rollup 4 has Arbitrary File Write via Path Traversal
minimatch	CVE-2026-26996	HIGH	3.1.2	3.1.3	npm	minimatch has a ReDoS via repeated wildcards with non-matching literal in pattern
node-forge	CVE-2025-66031	HIGH	1.3.1	1.3.2	npm	node-forge has ASN.1 Unbounded Recursion
cross-spawn	CVE-2024-21538	HIGH	7.0.3	7.0.5	npm	Regular Expression Denial of Service (ReDoS) in cross-spawn
image-size	N/A	HIGH	1.1.1	1.2.1	npm	image-size Denial of Service via Infinite Loop during Image Processing

Showing 10 out of 83 findings. See full results