Gathering detailed insights and metrics for dmn-js-properties-panel
Gathering detailed insights and metrics for dmn-js-properties-panel
Installations
npm install dmn-js-properties-panelDeveloper Guide
BETA
Typescript
No
Module System
CommonJS
Min. Node Version
*
Node Version
22.14.0
NPM Version
10.9.2
Releases
11
Languages
2
JavaScript
CSS
JavaScript (99.32%)
CSS (0.68%)
Developer
bpmn-io
Download Statistics
Total Downloads
0
Last Day
0
Last Week
0
Last Month
0
Last Year
0
GitHub Statistics
MIT License
13 Stars
309 Commits
14 Forks
7 Watchers
3 Branches
18 Contributors
Updated on May 23, 2025
Maintainers
10
Package Meta Information
Latest Version
3.8.0
Package Id
dmn-js-properties-panel@3.8.0
Unpacked Size
309.17 kB
Size
64.55 kB
File Count
8
NPM Version
10.9.2
Node Version
22.14.0
Published on
May 23, 2025
Total Downloads
Cumulative downloads
Total Downloads
NaN
Last Day
0%
NaN
Compared to previous day
Last Week
0%
NaN
Compared to previous week
Last Month
0%
NaN
Compared to previous month
Last Year
0%
NaN
Compared to previous year
Weekly Downloads
Monthly Downloads
Yearly Downloads
Peer Dependencies
3
Dev Dependencies
42
@babel/core@babel/plugin-transform-react-jsx@bpmn-io/properties-panel@rollup/plugin-alias@rollup/plugin-babel@rollup/plugin-commonjs@rollup/plugin-json@rollup/plugin-node-resolve@svgr/rollup@svgr/webpack@testing-library/preactbabel-loaderbabel-plugin-istanbulcamunda-dmn-moddlechaicross-envdiagram-jsdmn-jsdmn-js-drddmn-js-sharedeslinteslint-plugin-bpmn-ioeslint-plugin-importeslint-plugin-react-hookskarmakarma-chrome-launcherkarma-coveragekarma-debug-launcherkarma-env-preprocessorkarma-mochakarma-sinon-chaikarma-webpackmochamocha-test-container-supportnpm-run-all2puppeteerrolluprollup-plugin-copysinonsinon-chaiwebpackzeebe-dmn-moddle
dmn-js-properties-panel
This is properties panel extension for dmn-js.
Features
The properties panel allows users to edit invisible DMN properties in a convenient way.
Some of the features are:
- Edit element ids and names
- Edit execution related Camunda properties
- Redo and undo (plugs into the dmn-js editing cycle)
Usage
Provide two HTML elements, one for the properties panel and one for the DMN diagram:
1<div class="modeler"> 2 <div id="canvas"></div> 3 <div id="properties"></div> 4</div>
Bootstrap dmn-js with the properties panel, and a properties provider:
1import DmnModeler from 'dmn-js/lib/Modeler'; 2 3import { 4 DmnPropertiesPanelModule, 5 DmnPropertiesProviderModule, 6} from 'dmn-js-properties-panel'; 7 8var dmnModeler = new DmnModeler({ 9 drd: { 10 propertiesPanel: { 11 parent: '#properties' 12 }, 13 additionalModules: [ 14 DmnPropertiesPanelModule, 15 DmnPropertiesProviderModule 16 ] 17 }, 18 container: '#canvas' 19});
Dynamic Attach/Detach
You may attach or detach the properties panel dynamically to any element on the page, too:
1var propertiesPanel = dmnJS.get('propertiesPanel'); 2 3// detach the panel 4propertiesPanel.detach(); 5 6// attach it to some other element 7propertiesPanel.attachTo('#other-properties');
Use with Camunda properties
In order to be able to edit Camunda related properties, use the camunda properties provider.
In addition, you need to define the camunda namespace via camunda-dmn-moddle.
1import DmnModeler from 'dmn-js/lib/Modeler'; 2import { 3 DmnPropertiesPanelModule, 4 DmnPropertiesProviderModule, 5 CamundaPropertiesProviderModule 6} from 'dmn-js-properties-panel'; 7 8 9// use Camunda properties provider 10import CamundaPropertiesProvider from 'src/provider/camunda'; 11 12// a descriptor that defines Camunda related DMN 1.1 XML extensions 13import camundaModdleDescriptor from 'camunda-dmn-moddle/resources/camunda'; 14 15var dmnModeler = new DmnModeler({ 16 drd: { 17 propertiesPanel: { 18 parent: '#properties' 19 }, 20 additionalModules: [ 21 DmnPropertiesPanelModule, 22 DmnPropertiesProviderModule, 23 CamundaPropertiesProviderModule 24 ] 25 }, 26 container: '#canvas' 27 // make camunda prefix known for import, editing and export 28 moddleExtensions: { 29 camunda: camundaModdleDescriptor 30 } 31}); 32 33...
Additional Resources
Development
Running the tests
1npm install 2 3export TEST_BROWSERS=Chrome 4npm run all
License
MIT
High
0/10
Summary
Cross-Site Scripting in dmn-js-properties-panel
Affected Versions
< 0.3.0
Patched Versions
0.3.0
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
security policy file detected
Details
- Info: security policy file detected: github.com/bpmn-io/.github/SECURITY.md:1
- Info: Found linked content: github.com/bpmn-io/.github/SECURITY.md:1
- Info: Found disclosure, vulnerability, and/or timelines in security policy: github.com/bpmn-io/.github/SECURITY.md:1
- Info: Found text in security policy: github.com/bpmn-io/.github/SECURITY.md:1
Reason
SAST tool detected but not run on all commits
Details
- Info: SAST configuration detected: CodeQL
- Warn: 17 commits out of 19 are checked with a SAST tool
Reason
3 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 2
Reason
dependency not pinned by hash detected -- score normalized to 2
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/CI.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/bpmn-io/dmn-js-properties-panel/CI.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/CI.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/bpmn-io/dmn-js-properties-panel/CI.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/CI.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/bpmn-io/dmn-js-properties-panel/CI.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/CI.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/bpmn-io/dmn-js-properties-panel/CI.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/CODE_SCANNING.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/bpmn-io/dmn-js-properties-panel/CODE_SCANNING.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/CODE_SCANNING.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/bpmn-io/dmn-js-properties-panel/CODE_SCANNING.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/CODE_SCANNING.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/bpmn-io/dmn-js-properties-panel/CODE_SCANNING.yml/main?enable=pin
- Warn: npmCommand not pinned by hash: .github/workflows/CI.yml:28
- Info: 0 out of 5 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 2 third-party GitHubAction dependencies pinned
- Info: 1 out of 2 npmCommand dependencies pinned
Reason
Found 2/15 approved changesets -- score normalized to 1
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/CI.yml:1
- Warn: no topLevel permission defined: .github/workflows/CODE_SCANNING.yml:1
- Info: no jobLevel write permissions found
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'main'
Reason
13 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-968p-4wvh-cqc8
- Warn: Project is vulnerable to: GHSA-7q7g-4xm8-89cq
- Warn: Project is vulnerable to: GHSA-qwcr-r2fm-qrc7
- Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x
- Warn: Project is vulnerable to: GHSA-jrvm-mcxc-mf6m
- Warn: Project is vulnerable to: GHSA-jchw-25xp-jwwc
- Warn: Project is vulnerable to: GHSA-cxjh-pqwp-8mfp
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j
- Warn: Project is vulnerable to: GHSA-pq67-2wwv-3xjx
- Warn: Project is vulnerable to: GHSA-8cj5-5rvv-wf4v
Score
4.1
/10
Last Scanned on 2025-07-07
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More