From 96882690279945b7dd96f9af081edf38e3cee4dc Mon Sep 17 00:00:00 2001 From: Alois Klink Date: Sun, 24 Sep 2023 17:07:30 +0100 Subject: [PATCH 1/9] ci(release-draft): limit GITHUB_TOKEN permissions Limit the `GITHUB_TOKEN` permissions for `toolmantim/release-drafter` to the minimum required permissions. --- .github/workflows/release-draft.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/.github/workflows/release-draft.yml b/.github/workflows/release-draft.yml index a37b7bcf2a..d57daf67d9 100644 --- a/.github/workflows/release-draft.yml +++ b/.github/workflows/release-draft.yml @@ -5,9 +5,15 @@ on: branches: - develop +permissions: + contents: read + jobs: draft-release: runs-on: ubuntu-latest + permissions: + contents: write # write permission is required to create a github release + pull-requests: read # required to read PR titles/labels steps: - name: Draft Release uses: toolmantim/release-drafter@v5 From b928e60d8b4a1d83deb2800b6c2b083c73d722b8 Mon Sep 17 00:00:00 2001 From: Alois Klink Date: Sun, 24 Sep 2023 18:04:06 +0100 Subject: [PATCH 2/9] ci(pr-labeler): limit GITHUB_TOKEN permissions Limit the `GITHUB_TOKEN` permissions for `TimonVS/pr-labeler-action` to the minimum required permissions. --- .github/workflows/pr-labeler.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/.github/workflows/pr-labeler.yml b/.github/workflows/pr-labeler.yml index 0a53c6e424..d2df287e53 100644 --- a/.github/workflows/pr-labeler.yml +++ b/.github/workflows/pr-labeler.yml @@ -3,9 +3,15 @@ on: pull_request_target: types: [opened] +permissions: + contents: read + jobs: pr-labeler: runs-on: ubuntu-latest + permissions: + contents: read # read permission is required to read config file + pull-requests: write # write permission is required to label PRs steps: - name: Label PR uses: TimonVS/pr-labeler-action@v4 From 123d53c265a90f9abe526141d7872ceb116b8268 Mon Sep 17 00:00:00 2001 
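Review bot: The `uses: toolmantim/release-drafter@v5` step at the end of the release-draft.yml hunk receives the job's new `contents: write` token but is referenced by a movable tag, so whoever can move that tag decides what code runs with the token. Pinning the action to a reviewed commit, `uses: toolmantim/release-drafter@<full-commit-sha> # v5`, is what makes the narrowed permissions meaningful. The same applies to `uses: TimonVS/pr-labeler-action@v4` in the pr-labeler.yml hunk of patch 2/9, which runs under `pull_request_target` with `pull-requests: write`, and to the `release-drafter/release-drafter@v5` references introduced in patches 4/9 and 7/9.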
From: Alois Klink Date: Sun, 24 Sep 2023 17:15:30 +0100 Subject: [PATCH 3/9] ci(release-drafter): remove unused `branch` config `branch` is not a valid configuration option for release-drafter, see https://github.com/release-drafter/release-drafter#configuration-options There's is a similar [`references` option][1], but it does nothing when using GitHub Actions (it's only there for GitHub apps). There's also `commitish`, but it defaults to the target/branch the GitHub Action job runs on, so we don't need to set that. [1]: https://github.com/release-drafter/release-drafter#references --- .github/release-drafter.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/release-drafter.yml b/.github/release-drafter.yml index e650f8dd11..83138c3d46 100644 --- a/.github/release-drafter.yml +++ b/.github/release-drafter.yml @@ -25,8 +25,6 @@ categories: change-template: '- $TITLE (#$NUMBER) @$AUTHOR' sort-by: title sort-direction: ascending -branches: - - develop exclude-labels: - 'Skip changelog' no-changes-template: 'This release contains minor changes and bugfixes.' From 5f740312fe6988390f2ca9fc048a54b0587f4245 Mon Sep 17 00:00:00 2001 From: Alois Klink Date: Sun, 24 Sep 2023 18:17:02 +0100 Subject: [PATCH 4/9] ci(release-draft): handle new release-drafter name https://github.com/toolmantim/release-drafter has been renamed to https://github.com/release-drafter/release-drafter. --- .github/workflows/release-draft.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release-draft.yml b/.github/workflows/release-draft.yml index d57daf67d9..c130375976 100644 --- a/.github/workflows/release-draft.yml +++ b/.github/workflows/release-draft.yml @@ -16,6 +16,6 @@ jobs: pull-requests: read # required to read PR titles/labels steps: - name: Draft Release - uses: toolmantim/release-drafter@v5 + uses: release-drafter/release-drafter@v5 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} 
From dc22189eef2cdcdf96e8caf26d4e020e74c47fe2 Mon Sep 17 00:00:00 2001 From: Alois Klink Date: Sun, 24 Sep 2023 18:10:10 +0100 Subject: [PATCH 5/9] docs(ci/pr-labeler): warn about security issues Using `pull_request_target` is pretty dangerous, since it heavily increases the risk of malicious PRs getting access to the mermaid-js repo. What we're doing currently is safe, but we should add a warning message just to ensure that we're very careful when we make changes. See: https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#pull_request_target See: https://securitylab.github.com/research/github-actions-preventing-pwn-requests/ --- .github/workflows/pr-labeler.yml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/.github/workflows/pr-labeler.yml b/.github/workflows/pr-labeler.yml index d2df287e53..52228a2273 100644 --- a/.github/workflows/pr-labeler.yml +++ b/.github/workflows/pr-labeler.yml @@ -1,6 +1,14 @@ name: Apply labels to PR on: pull_request_target: + # required for pr-labeler to support PRs from forks + # ===================== ⛔ ☢️ 🚫 ⚠️ Warning ⚠️ 🚫 ☢️ ⛔ ======================= + # Be very careful what you put in this GitHub Action workflow file to avoid + # malicious PRs from getting access to the Mermaid-js repo. + # + # Please read the following first before reviewing/merging: + # - https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#pull_request_target + # - https://securitylab.github.com/research/github-actions-preventing-pwn-requests/ types: [opened] permissions: From 672a289909b0d782a25ea06a800221ce2ac8f7e9 Mon Sep 17 00:00:00 2001 From: Alois Klink Date: Sun, 24 Sep 2023 18:29:55 +0100 Subject: [PATCH 6/9] style(pr-labeler): format .github/pr-labeler.yml Change the formatting of .github/pr-labeler.yml to make `git diff`'s easier to understand in a future commit. --- .github/pr-labeler.yml | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) 
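Review bot: The warning added under `pull_request_target:` asks maintainers to be careful but does not name the rules that keep this workflow safe. I would add two comment lines after the links, `# - never check out or execute code from the PR head in this workflow` and `# - never interpolate PR-controlled values (title, branch name, body) into a run: script`, so a reviewer does not have to infer them from the linked articles. The first added line, `# required for pr-labeler to support PRs from forks`, currently reads as part of the warning banner; putting it on the `pull_request_target:` line as a trailing comment would keep the rationale and the warning apart.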
diff --git a/.github/pr-labeler.yml b/.github/pr-labeler.yml index 0bbd8db66a..bbd122a7ca 100644 --- a/.github/pr-labeler.yml +++ b/.github/pr-labeler.yml @@ -1,4 +1,13 @@ -'Type: Bug / Error': ['bug/*', fix/*] -'Type: Enhancement': ['feature/*', 'feat/*'] -'Type: Other': ['other/*', 'chore/*', 'test/*', 'refactor/*'] -'Area: Documentation': ['docs/*'] +'Type: Bug / Error': + - 'bug/*' + - 'fix/*' +'Type: Enhancement': + - 'feature/*' + - 'feat/*' +'Type: Other': + - 'other/*' + - 'chore/*' + - 'test/*' + - 'refactor/*' +'Area: Documentation': + - 'docs/*' From a1673d3aca6a43500a1c469c07d65bc54edd647b Mon Sep 17 00:00:00 2001 From: Alois Klink Date: Sun, 24 Sep 2023 18:53:08 +0100 Subject: [PATCH 7/9] ci(pr-labeler): replace TimonVS/pr-labeler-action Replace the `TimonVS/pr-labeler-action` with `release-drafter/release-drafter` as it has an [`autolabeler`][1] option that can autolabel PRs for us. This should fix labeling PRs from forks, see https://github.com/TimonVS/pr-labeler-action/issues/25. I've kept the `.github/pr-labeler.yml` configuration file, so that links to it from the https://mermaid.js.org website continue to work. I've also kept everything in the same `.github/workflows/pr-labeler.yml` GitHub Actions workflow to make the `git diff` easier to review, and to keep the GitHub Actions permissions the same. [1]: https://github.com/release-drafter/release-drafter/blob/ff929b5ceb21bf2646a216e916f9a8bb507d48a3/README.md#autolabeler --- .github/pr-labeler.yml | 32 +++++++++++-------- .../workflows/pr-labeler-config-validator.yml | 23 ------------- .github/workflows/pr-labeler.yml | 8 +++-- .github/workflows/release-draft.yml | 2 ++ 4 files changed, 27 insertions(+), 38 deletions(-) delete mode 100644 .github/workflows/pr-labeler-config-validator.yml diff --git a/.github/pr-labeler.yml b/.github/pr-labeler.yml index bbd122a7ca..5613ca2bb9 100644 --- a/.github/pr-labeler.yml +++ b/.github/pr-labeler.yml 
@@ -1,13 +1,19 @@ -'Type: Bug / Error': - - 'bug/*' - - 'fix/*' -'Type: Enhancement': - - 'feature/*' - - 'feat/*' -'Type: Other': - - 'other/*' - - 'chore/*' - - 'test/*' - - 'refactor/*' -'Area: Documentation': - - 'docs/*' +# yaml-language-server: $schema=https://raw.githubusercontent.com/release-drafter/release-drafter/master/schema.json +autolabeler: + - label: 'Type: Bug / Error' + branch: + - '/bug\/.+/' + - '/fix\/.+/' + - label: 'Type: Enhancement' + branch: + - '/feature\/.+/' + - '/feat\/.+/' + - label: 'Type: Other' + branch: + - '/other\/.+/' + - '/chore\/.+/' + - '/test\/.+/' + - '/refactor\/.+/' + - label: 'Area: Documentation' + branch: + - '/docs\/.+/' diff --git a/.github/workflows/pr-labeler-config-validator.yml b/.github/workflows/pr-labeler-config-validator.yml deleted file mode 100644 index ff5d8d0a1f..0000000000 --- a/.github/workflows/pr-labeler-config-validator.yml +++ /dev/null @@ -1,23 +0,0 @@ -name: Validate PR Labeler Configuration -on: - push: - paths: - - .github/workflows/pr-labeler-config-validator.yml - - .github/workflows/pr-labeler.yml - - .github/pr-labeler.yml - pull_request: - paths: - - .github/workflows/pr-labeler-config-validator.yml - - .github/workflows/pr-labeler.yml - - .github/pr-labeler.yml - -jobs: - pr-labeler: - runs-on: ubuntu-latest - steps: - - name: Checkout Repository - uses: actions/checkout@v3 - - name: Validate Configuration - uses: Yash-Singh1/pr-labeler-config-validator@releases/v0.0.3 - with: - configuration-path: .github/pr-labeler.yml diff --git a/.github/workflows/pr-labeler.yml b/.github/workflows/pr-labeler.yml index 52228a2273..b2fc1cc26e 100644 --- a/.github/workflows/pr-labeler.yml +++ b/.github/workflows/pr-labeler.yml 
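Review bot: The `branch` patterns in the new `autolabeler` block are unanchored regular expressions, so they are not equivalent to the globs they replace: `'/fix\/.+/'` would also match a branch such as `hotfix/foo`, and `'/test\/.+/'` would match `latest/foo`. Because the branch name is chosen by the PR author, anchoring each pattern at the start, for example `'/^fix\/.+/'`, keeps the labels tied to the documented prefixes. This assumes release-drafter evaluates the pattern as an ordinary JavaScript regex against the whole branch name, which is worth confirming against its autolabeler documentation. The same commit deletes the workflow that validated this file in CI, and the `yaml-language-server` schema comment only helps in editors, so a malformed config would now surface only when the labeler runs.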
@@ -9,7 +9,7 @@ on: # Please read the following first before reviewing/merging: # - https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#pull_request_target # - https://securitylab.github.com/research/github-actions-preventing-pwn-requests/ - types: [opened] + types: [opened, reopened, synchronize] permissions: contents: read @@ -22,6 +22,10 @@ jobs: pull-requests: write # write permission is required to label PRs steps: - name: Label PR - uses: TimonVS/pr-labeler-action@v4 + uses: release-drafter/release-drafter@v5 + with: + config-name: pr-labeler.yml + disable-autolabeler: false + disable-releaser: true env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/release-draft.yml b/.github/workflows/release-draft.yml index c130375976..8ad1b13ecd 100644 --- a/.github/workflows/release-draft.yml +++ b/.github/workflows/release-draft.yml @@ -17,5 +17,7 @@ jobs: steps: - name: Draft Release uses: release-drafter/release-drafter@v5 + with: + disable-autolabeler: true env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} From 99beeba261674f57249179df6ad415e8a7169e07 Mon Sep 17 00:00:00 2001 From: Alois Klink Date: Sun, 24 Sep 2023 19:38:31 +0100 Subject: [PATCH 8/9] ci(pr-labeler): add required `template` option This value is unused, but it's required, so we have to add it. Fixes: a1673d3aca6a43500a1c469c07d65bc54edd647b --- .github/pr-labeler.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/pr-labeler.yml b/.github/pr-labeler.yml index 5613ca2bb9..15e1843276 100644 --- a/.github/pr-labeler.yml +++ b/.github/pr-labeler.yml @@ -17,3 +17,6 @@ autolabeler: - label: 'Area: Documentation' branch: - '/docs\/.+/' + +template: | + This field is unused, as we only use this config file for labeling PRs. From b5fd8fb7c1276f004ebbdab62fddc5ecc1e97e0b Mon Sep 17 00:00:00 2001 
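Review bot: With `types: [opened, reopened, synchronize]` this `pull_request_target` job now runs with `pull-requests: write` on every push to a fork's PR branch, and the step that receives the token is the tag-referenced `release-drafter/release-drafter@v5`. The safety of that depends on `config-name: pr-labeler.yml` being read from the base repository rather than from the PR head, which the hunk does not show. After confirming it against the action's documentation, a comment such as `# config is loaded from the base repo, never from the PR head` next to `config-name` would record the assumption for the next reviewer. `disable-autolabeler: false` appears to restate the default and could be dropped, or kept with a comment saying it is explicit on purpose.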
From: SteffenLm <33038091+SteffenLm@users.noreply.github.com> Date: Fri, 3 Nov 2023 20:55:42 +0100 Subject: [PATCH 9/9] fix text-decoration for abstract attibutes --- .../src/diagrams/class/classTypes.spec.ts | 79 +++++++++++++++++++ .../mermaid/src/diagrams/class/classTypes.ts | 2 +- 2 files changed, 80 insertions(+), 1 deletion(-) diff --git a/packages/mermaid/src/diagrams/class/classTypes.spec.ts b/packages/mermaid/src/diagrams/class/classTypes.spec.ts index 2b360d4473..5a5ffa4dbd 100644 --- a/packages/mermaid/src/diagrams/class/classTypes.spec.ts +++ b/packages/mermaid/src/diagrams/class/classTypes.spec.ts 
@@ -681,3 +681,82 @@ describe('given text representing a method, ', function () { }); }); }); + +describe('given text representing an attribute', () => { + describe('when the attribute has no modifiers', () => { + it('should parse the display text correctly', () => { + const str = 'name String'; + + const displayDetails = new ClassMember(str, 'attribute').getDisplayDetails(); + + expect(displayDetails.displayText).toBe('name String'); + expect(displayDetails.cssStyle).toBe(''); + }); + }); + + describe('when the attribute has public "+" modifier', () => { + it('should parse the display text correctly', () => { + const str = '+name String'; + + const displayDetails = new ClassMember(str, 'attribute').getDisplayDetails(); + + expect(displayDetails.displayText).toBe('+name String'); + expect(displayDetails.cssStyle).toBe(''); + }); + }); + + describe('when the attribute has protected "#" modifier', () => { + it('should parse the display text correctly', () => { + const str = '#name String'; + + const displayDetails = new ClassMember(str, 'attribute').getDisplayDetails(); + + expect(displayDetails.displayText).toBe('#name String'); + expect(displayDetails.cssStyle).toBe(''); + }); + }); + + describe('when the attribute has private "-" modifier', () => { + it('should parse the display text correctly', () => { + const str = '-name String'; + + const displayDetails = new ClassMember(str, 'attribute').getDisplayDetails(); + + expect(displayDetails.displayText).toBe('-name String'); + expect(displayDetails.cssStyle).toBe(''); + }); + }); + + describe('when the attribute has internal "~" modifier', () => { + it('should parse the display text correctly', () => { + const str = '~name String'; + + const displayDetails = new ClassMember(str, 'attribute').getDisplayDetails(); + + expect(displayDetails.displayText).toBe('~name String'); + expect(displayDetails.cssStyle).toBe(''); + }); + }); + + describe('when the attribute has static "$" modifier', () => { + it('should parse the 
display text correctly and apply static css style', () => { + const str = 'name String$'; + + const displayDetails = new ClassMember(str, 'attribute').getDisplayDetails(); + + expect(displayDetails.displayText).toBe('name String'); + expect(displayDetails.cssStyle).toBe(staticCssStyle); + }); + }); + + describe('when the attribute has abstract "*" modifier', () => { + it('should parse the display text correctly and apply abstract css style', () => { + const str = 'name String*'; + + const displayDetails = new ClassMember(str, 'attribute').getDisplayDetails(); + + expect(displayDetails.displayText).toBe('name String'); + expect(displayDetails.cssStyle).toBe(abstractCssStyle); + }); + }); +}); diff --git a/packages/mermaid/src/diagrams/class/classTypes.ts b/packages/mermaid/src/diagrams/class/classTypes.ts index e288eefde8..f112dd4dde 100644 --- a/packages/mermaid/src/diagrams/class/classTypes.ts +++ b/packages/mermaid/src/diagrams/class/classTypes.ts @@ -106,7 +106,7 @@ export class ClassMember { this.visibility = firstChar as Visibility; } - if (lastChar.match(/[*?]/)) { + if (lastChar.match(/[$*]/)) { potentialClassifier = lastChar; }
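Review bot: None of the new attribute cases in classTypes.spec.ts combines a visibility prefix with a trailing classifier, so the interaction between the `firstChar` and `lastChar` branches of `ClassMember` stays untested for attributes. A case such as `'+name String$'` expecting `displayText` to be `'+name String'` and `cssStyle` to be `staticCssStyle` would cover it, if that is the intended result. `staticCssStyle` and `abstractCssStyle` are defined outside this hunk, so I am assuming they are the same constants the method tests earlier in the file use.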
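Review bot: The new character class `/[$*]/` in classTypes.ts adds `$` but also drops `?`, which the old `/[*?]/` accepted, and neither the commit subject nor the new spec mentions that removal. If `?` was never a supported classifier, a one-line comment such as `// '$' = static, '*' = abstract` above the check would make the accepted set explicit. Since only a boolean is needed, `if (/[$*]/.test(lastChar)) {` states the intent more directly than `match`. The enclosing method starts and ends outside this hunk, so how `potentialClassifier` is consumed cannot be checked from here.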