@db-ux/core-components 3.0.1 → 3.0.2-copilot2-e7bf98b
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -0,0 +1,9 @@
|
|
|
1
|
+
## Common AI mistakes
|
|
2
|
+
|
|
3
|
+
### `DBButton` or `db-button`
|
|
4
|
+
|
|
5
|
+
- available variants are `outline`, `brand`, `filled`, `ghost`
|
|
6
|
+
- always use variant `outline` as default
|
|
7
|
+
- use variant `brand` as CTA or primary action
|
|
8
|
+
- if `noText`/`no-text` property is used add a `DBTooltip` or `db-tooltip` inside the Button
|
|
9
|
+
- always add a `type` as property as best practise
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import { glob } from 'glob';
|
|
2
|
-
import {
|
|
2
|
+
import { execFile } from 'node:child_process';
|
|
3
3
|
import { promisify } from 'node:util';
|
|
4
4
|
|
|
5
5
|
import { dirname } from 'path';
|
|
@@ -8,12 +8,16 @@ import { fileURLToPath } from 'url';
|
|
|
8
8
|
const __filename = fileURLToPath(import.meta.url);
|
|
9
9
|
const __dirname = dirname(__filename).replaceAll('\\', '/');
|
|
10
10
|
|
|
11
|
-
|
|
11
|
+
// Security: Using execFile instead of exec to eliminate shell injection risks
|
|
12
|
+
// execFile directly executes the binary without involving a shell
|
|
13
|
+
const execFileAsync = promisify(execFile);
|
|
12
14
|
|
|
13
15
|
const generateFonts = async () => {
|
|
14
16
|
console.log('Generating EU fonts...');
|
|
15
17
|
try {
|
|
16
|
-
|
|
18
|
+
// Security: Using array arguments instead of concatenated string
|
|
19
|
+
// This prevents shell interpretation of special characters
|
|
20
|
+
await execFileAsync('pyftsubset', ['--help']);
|
|
17
21
|
} catch (e) {
|
|
18
22
|
console.warn(
|
|
19
23
|
'You need to install pyftsubset. Check packages/foundations/assets/fonts/README.md for more information.'
|
|
@@ -22,19 +26,28 @@ const generateFonts = async () => {
|
|
|
22
26
|
|
|
23
27
|
try {
|
|
24
28
|
const files = await glob(`${__dirname}/*.ttf`);
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
29
|
+
|
|
30
|
+
for (const file of files) {
|
|
31
|
+
// Security: Validate that the file is within the expected directory
|
|
32
|
+
// and has the expected extension to prevent path traversal attacks
|
|
33
|
+
if (!file.startsWith(__dirname) || !file.endsWith('.ttf')) {
|
|
34
|
+
console.warn(`Skipping potentially unsafe file path: ${file}`);
|
|
35
|
+
continue;
|
|
36
|
+
}
|
|
37
|
+
|
|
38
|
+
// Security: Arguments are passed as separate array elements
|
|
39
|
+
// No shell concatenation means no risk of command injection
|
|
40
|
+
const args = [
|
|
28
41
|
file,
|
|
29
42
|
'--layout-features=*',
|
|
30
43
|
'--flavor=woff2',
|
|
31
44
|
`--unicodes-file=${__dirname}/unicode-eu.txt`,
|
|
32
45
|
`--output-file=${file.replace('.ttf', '-EU.woff2')}`
|
|
33
|
-
]
|
|
34
|
-
);
|
|
46
|
+
];
|
|
35
47
|
|
|
36
|
-
|
|
37
|
-
|
|
48
|
+
// Security: execFile provides better performance and type safety
|
|
49
|
+
// as it doesn't spawn a shell process
|
|
50
|
+
const { stdout, stderr } = await execFileAsync('pyftsubset', args);
|
|
38
51
|
if (stdout) console.log(`stdout: ${stdout}`);
|
|
39
52
|
if (stderr) console.error(`stderr: ${stderr}`);
|
|
40
53
|
}
|
|
@@ -26,6 +26,10 @@
|
|
|
26
26
|
|
|
27
27
|
%full-horizontal {
|
|
28
28
|
&:not([data-width="full"]) {
|
|
29
|
+
/// Sets the maximum height of the drawer
|
|
30
|
+
/// @propertyname max-block-size
|
|
31
|
+
/// @cssprop --db-drawer-max-height
|
|
32
|
+
/// @default calc(100% - #{variables.$db-spacing-fixed-xl})
|
|
29
33
|
max-block-size: var(
|
|
30
34
|
--db-drawer-max-height,
|
|
31
35
|
calc(100% - #{variables.$db-spacing-fixed-xl})
|
|
@@ -87,6 +91,10 @@ $spacings: (
|
|
|
87
91
|
|
|
88
92
|
.db-drawer-header {
|
|
89
93
|
// We need this variable to overwrite it inside the header
|
|
94
|
+
/// Controls the bottom padding inside the drawer header
|
|
95
|
+
/// @propertyname padding-block-end
|
|
96
|
+
/// @cssprop --db-drawer-header-padding-block-end
|
|
97
|
+
/// @default #{map.get($spacing, "block")}
|
|
90
98
|
/* stylelint-disable-next-line db-ux/use-spacings */
|
|
91
99
|
padding-block-end: var(
|
|
92
100
|
--db-drawer-header-padding-block-end,
|
|
@@ -97,6 +105,10 @@ $spacings: (
|
|
|
97
105
|
|
|
98
106
|
.db-drawer-content {
|
|
99
107
|
// We need this variable to overwrite it inside the header
|
|
108
|
+
/// Controls left/right padding inside the drawer content area
|
|
109
|
+
/// @propertyname padding-inline
|
|
110
|
+
/// @cssprop --db-drawer-content-padding-inline
|
|
111
|
+
/// @default #{map.get($spacing, "inline")}
|
|
100
112
|
/* stylelint-disable-next-line db-ux/use-spacings */
|
|
101
113
|
padding-inline: var(
|
|
102
114
|
--db-drawer-content-padding-inline,
|
|
@@ -134,6 +146,19 @@ $spacings: (
|
|
|
134
146
|
box-shadow: variables.$db-elevation-md;
|
|
135
147
|
|
|
136
148
|
&:not([data-width="full"]) {
|
|
149
|
+
/// Sets the maximum width of the drawer
|
|
150
|
+
/// and some default values for the drawer
|
|
151
|
+
/// @propertyname max-inline-size
|
|
152
|
+
/// @cssprop --db-drawer-max-width
|
|
153
|
+
/// @default calc(100% - #{variables.$db-spacing-fixed-xl})
|
|
154
|
+
///
|
|
155
|
+
/// @example css - Wide drawer
|
|
156
|
+
/// .db-drawer-wide {
|
|
157
|
+
/// --db-drawer-max-width: 800px;
|
|
158
|
+
/// }
|
|
159
|
+
/// <div class="db-drawer db-drawer-wide">
|
|
160
|
+
/// <!-- wide drawer -->
|
|
161
|
+
/// </div>
|
|
137
162
|
max-inline-size: var(
|
|
138
163
|
--db-drawer-max-width,
|
|
139
164
|
calc(100% - #{variables.$db-spacing-fixed-xl})
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@db-ux/core-components",
|
|
3
|
-
"version": "3.0.
|
|
3
|
+
"version": "3.0.2-copilot2-e7bf98b",
|
|
4
4
|
"type": "module",
|
|
5
5
|
"description": "",
|
|
6
6
|
"repository": {
|
|
@@ -10,6 +10,7 @@
|
|
|
10
10
|
"author": "General technical components out of DB UX Design System (Version 3)",
|
|
11
11
|
"license": "Apache-2.0",
|
|
12
12
|
"files": [
|
|
13
|
+
"agent",
|
|
13
14
|
"build"
|
|
14
15
|
],
|
|
15
16
|
"scripts": {
|
|
@@ -27,6 +28,7 @@
|
|
|
27
28
|
"compile:vue": "mitosis build --config configs/vue/mitosis.config.cjs && tsx scripts/exec/vue.ts && cpr ../../output/tmp/vue/src ../../output/vue/src --overwrite",
|
|
28
29
|
"copy-assets": "cpr ../foundations/assets build/assets -o",
|
|
29
30
|
"copy-output": "npm-run-all copy:*",
|
|
31
|
+
"copy:agent": "cpr agent ../../build-outputs/components/agent -o",
|
|
30
32
|
"copy:outputs": "cpr build ../../build-outputs/components/build --overwrite",
|
|
31
33
|
"copy:package.json": "cpr package.json ../../build-outputs/components/package.json --overwrite",
|
|
32
34
|
"copy:readme": "cpr README.md ../../build-outputs/components/README.md --overwrite",
|
|
@@ -36,13 +38,14 @@
|
|
|
36
38
|
"dev:scss": "npm run build-style:01_sass -- --watch",
|
|
37
39
|
"dev:stencil": "nodemon --watch src --watch scripts --ext tsx,ts --exec \"npm run compile:stencil\"",
|
|
38
40
|
"dev:vue": "nodemon --watch src --watch scripts --ext tsx,ts --exec \"npm run compile:vue\"",
|
|
41
|
+
"generate:agent": "mitosis build -c configs/mitosis.agent.config.cjs",
|
|
39
42
|
"generate:component": "hygen mitosis new",
|
|
40
43
|
"generate:docs": "hygen update-docs new",
|
|
41
44
|
"prepack": "npm run copy-assets",
|
|
42
45
|
"start": "nodemon --watch src --watch scripts --watch scripts --ext js,tsx,ts,scss,json --exec \"npm run build\""
|
|
43
46
|
},
|
|
44
47
|
"dependencies": {
|
|
45
|
-
"@db-ux/core-foundations": "3.0.
|
|
48
|
+
"@db-ux/core-foundations": "3.0.2-copilot2-e7bf98b"
|
|
46
49
|
},
|
|
47
50
|
"devDependencies": {
|
|
48
51
|
"@builder.io/eslint-plugin-mitosis": "0.0.17",
|
|
@@ -54,6 +57,7 @@
|
|
|
54
57
|
"hygen": "6.2.11",
|
|
55
58
|
"nodemon": "3.1.10",
|
|
56
59
|
"sass": "1.85.0",
|
|
60
|
+
"sassdoc": "^2.7.4",
|
|
57
61
|
"tsx": "4.20.3"
|
|
58
62
|
},
|
|
59
63
|
"publishConfig": {
|