Installations
npm install dmn-js-properties-panelDeveloper
bpmn-io
Developer Guide
Module System
CommonJS
Min. Node Version
*
Typescript Support
No
Node Version
20.11.1
NPM Version
10.9.0
Statistics
11 Stars
296 Commits
14 Forks
8 Watching
4 Branches
17 Contributors
Updated on 20 Nov 2024
Bundle Size
23.28 kB
Minified
7.07 kB
Minified + Gzipped
Languages
JavaScript (99.32%)
CSS (0.68%)
Total Downloads
Cumulative downloads
Total Downloads
424,530
Last day
-8.2%
763
Compared to previous day
Last week
20.4%
4,217
Compared to previous week
Last month
26.5%
16,993
Compared to previous month
Last year
13.5%
167,630
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Peer Dependencies
3
Dev Dependencies
42
dmn-js-properties-panel
This is properties panel extension for dmn-js.
Features
The properties panel allows users to edit invisible DMN properties in a convenient way.
Some of the features are:
- Edit element ids and names
- Edit execution related Camunda properties
- Redo and undo (plugs into the dmn-js editing cycle)
Usage
Provide two HTML elements, one for the properties panel and one for the DMN diagram:
1<div class="modeler"> 2 <div id="canvas"></div> 3 <div id="properties"></div> 4</div>
Bootstrap dmn-js with the properties panel, and a properties provider:
1import DmnModeler from 'dmn-js/lib/Modeler'; 2 3import { 4 DmnPropertiesPanelModule, 5 DmnPropertiesProviderModule, 6} from 'dmn-js-properties-panel'; 7 8var dmnModeler = new DmnModeler({ 9 drd: { 10 propertiesPanel: { 11 parent: '#properties' 12 }, 13 additionalModules: [ 14 DmnPropertiesPanelModule, 15 DmnPropertiesProviderModule 16 ] 17 }, 18 container: '#canvas' 19});
Dynamic Attach/Detach
You may attach or detach the properties panel dynamically to any element on the page, too:
1var propertiesPanel = dmnJS.get('propertiesPanel'); 2 3// detach the panel 4propertiesPanel.detach(); 5 6// attach it to some other element 7propertiesPanel.attachTo('#other-properties');
Use with Camunda properties
In order to be able to edit Camunda related properties, use the camunda properties provider.
In addition, you need to define the camunda namespace via camunda-dmn-moddle.
1import DmnModeler from 'dmn-js/lib/Modeler'; 2import { 3 DmnPropertiesPanelModule, 4 DmnPropertiesProviderModule, 5 CamundaPropertiesProviderModule 6} from 'dmn-js-properties-panel'; 7 8 9// use Camunda properties provider 10import CamundaPropertiesProvider from 'src/provider/camunda'; 11 12// a descriptor that defines Camunda related DMN 1.1 XML extensions 13import camundaModdleDescriptor from 'camunda-dmn-moddle/resources/camunda'; 14 15var dmnModeler = new DmnModeler({ 16 drd: { 17 propertiesPanel: { 18 parent: '#properties' 19 }, 20 additionalModules: [ 21 DmnPropertiesPanelModule, 22 DmnPropertiesProviderModule, 23 CamundaPropertiesProviderModule 24 ] 25 }, 26 container: '#canvas' 27 // make camunda prefix known for import, editing and export 28 moddleExtensions: { 29 camunda: camundaModdleDescriptor 30 } 31}); 32 33...
Additional Resources
Development
Running the tests
1npm install 2 3export TEST_BROWSERS=Chrome 4npm run all
License
MIT
Stable Version
The latest stable version of the package.
Stable Version
3.7.0
HIGH
1
0/10
Summary
Cross-Site Scripting in dmn-js-properties-panel
Affected Versions
< 0.3.0
Patched Versions
0.3.0
Reason
30 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
security policy file detected
Details
- Info: security policy file detected: github.com/bpmn-io/.github/SECURITY.md:1
- Info: Found linked content: github.com/bpmn-io/.github/SECURITY.md:1
- Info: Found disclosure, vulnerability, and/or timelines in security policy: github.com/bpmn-io/.github/SECURITY.md:1
- Info: Found text in security policy: github.com/bpmn-io/.github/SECURITY.md:1
Reason
SAST tool detected but not run on all commits
Details
- Info: SAST configuration detected: CodeQL
- Warn: 6 commits out of 20 are checked with a SAST tool
Reason
dependency not pinned by hash detected -- score normalized to 2
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/CI.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/bpmn-io/dmn-js-properties-panel/CI.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/CI.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/bpmn-io/dmn-js-properties-panel/CI.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/CI.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/bpmn-io/dmn-js-properties-panel/CI.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/CODE_SCANNING.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/bpmn-io/dmn-js-properties-panel/CODE_SCANNING.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/CODE_SCANNING.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/bpmn-io/dmn-js-properties-panel/CODE_SCANNING.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/CODE_SCANNING.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/bpmn-io/dmn-js-properties-panel/CODE_SCANNING.yml/main?enable=pin
- Warn: npmCommand not pinned by hash: .github/workflows/CI.yml:28
- Info: 0 out of 5 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 1 third-party GitHubAction dependencies pinned
- Info: 1 out of 2 npmCommand dependencies pinned
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/CI.yml:1
- Warn: no topLevel permission defined: .github/workflows/CODE_SCANNING.yml:1
- Info: no jobLevel write permissions found
Reason
Found 1/13 approved changesets -- score normalized to 0
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'main'
Reason
10 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-7q7g-4xm8-89cq
- Warn: Project is vulnerable to: GHSA-qwcr-r2fm-qrc7
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-jrvm-mcxc-mf6m
- Warn: Project is vulnerable to: GHSA-jchw-25xp-jwwc
- Warn: Project is vulnerable to: GHSA-cxjh-pqwp-8mfp
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j
Score
4.6
/10
Last Scanned on 2024-11-25
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More