powerbi-visuals-tools 4.0.6 → 4.0.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. package/Changelog.md +10 -0
  2. package/SECURITY.md +41 -0
  3. package/certs/PowerBICustomVisualTest_private.key +26 -26
  4. package/certs/PowerBICustomVisualTest_public.crt +17 -17
  5. package/config.json +1 -35
  6. package/package.json +6 -6
  7. package/spec/e2e/pbivizNewSpec.js +2 -2
package/Changelog.md CHANGED
@@ -2,6 +2,16 @@
2
2
 
3
3
  This page contains information about changes to the PowerBI Visual Tools (pbiviz).
4
4
 
5
+ ## 4.0.8
6
+ * Reverted to stable version
7
+ * Removed vulnerabilities
8
+
9
+ ## 4.0.7
10
+ ### **⚠ NOT RECOMENDED** - critical bugs discovered for some cases
11
+ * StringResources (Localizations) are supported in Developer Mode.
12
+ * Update `powerbi-visuals-webpack-plugin` to 3.1.0
13
+ * Fixed vulnerabilities
14
+
5
15
  ## 4.0.6
6
16
  Update templates visuals to:
7
17
  * Support new visuals-api version 5.1.0
package/SECURITY.md ADDED
@@ -0,0 +1,41 @@
1
+ <!-- BEGIN MICROSOFT SECURITY.MD V0.0.8 BLOCK -->
2
+
3
+ ## Security
4
+
5
+ Microsoft takes the security of our software products and services seriously, which includes all source code repositories managed through our GitHub organizations, which include [Microsoft](https://github.com/microsoft), [Azure](https://github.com/Azure), [DotNet](https://github.com/dotnet), [AspNet](https://github.com/aspnet), [Xamarin](https://github.com/xamarin), and [our GitHub organizations](https://opensource.microsoft.com/).
6
+
7
+ If you believe you have found a security vulnerability in any Microsoft-owned repository that meets [Microsoft's definition of a security vulnerability](https://aka.ms/opensource/security/definition), please report it to us as described below.
8
+
9
+ ## Reporting Security Issues
10
+
11
+ **Please do not report security vulnerabilities through public GitHub issues.**
12
+
13
+ Instead, please report them to the Microsoft Security Response Center (MSRC) at [https://msrc.microsoft.com/create-report](https://aka.ms/opensource/security/create-report).
14
+
15
+ If you prefer to submit without logging in, send email to [secure@microsoft.com](mailto:secure@microsoft.com). If possible, encrypt your message with our PGP key; please download it from the [Microsoft Security Response Center PGP Key page](https://aka.ms/opensource/security/pgpkey).
16
+
17
+ You should receive a response within 24 hours. If for some reason you do not, please follow up via email to ensure we received your original message. Additional information can be found at [microsoft.com/msrc](https://aka.ms/opensource/security/msrc).
18
+
19
+ Please include the requested information listed below (as much as you can provide) to help us better understand the nature and scope of the possible issue:
20
+
21
+ * Type of issue (e.g. buffer overflow, SQL injection, cross-site scripting, etc.)
22
+ * Full paths of source file(s) related to the manifestation of the issue
23
+ * The location of the affected source code (tag/branch/commit or direct URL)
24
+ * Any special configuration required to reproduce the issue
25
+ * Step-by-step instructions to reproduce the issue
26
+ * Proof-of-concept or exploit code (if possible)
27
+ * Impact of the issue, including how an attacker might exploit the issue
28
+
29
+ This information will help us triage your report more quickly.
30
+
31
+ If you are reporting for a bug bounty, more complete reports can contribute to a higher bounty award. Please visit our [Microsoft Bug Bounty Program](https://aka.ms/opensource/security/bounty) page for more details about our active programs.
32
+
33
+ ## Preferred Languages
34
+
35
+ We prefer all communications to be in English.
36
+
37
+ ## Policy
38
+
39
+ Microsoft follows the principle of [Coordinated Vulnerability Disclosure](https://aka.ms/opensource/security/cvd).
40
+
41
+ <!-- END MICROSOFT SECURITY.MD BLOCK -->
package/certs/PowerBICustomVisualTest_private.key CHANGED
@@ -1,28 +1,28 @@
1
1
  -----BEGIN PRIVATE KEY-----
2
- MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQC5mklx3Q18S0J1
3
- WN3Th5riawccYs060HO5hAZjUyAaB9Tl7GPUCNiKqOYVYkorgOg8xZzBQUFMexvB
4
- 7jjSImev+RCyW5CT/Ssg6uDgza6tTFTYkLtA9eT48mGmk+nhbZxOjdFJ4Msj00MY
5
- luxSYuhnnj2i+szBvT83+6gnHPVahVLoshSZgL+QMYTZ1p5QK6lw/yYCX5P4Cja2
6
- Ei6RfKTKK5BLSFTxskg88Kza4DdH6Cf8R6ecTUCLvQ8LEfT3bJc8fXLnrGYwr+R/
7
- xZXbx1uqZn52DuvKIWKoNxShvkBaMfhAuKbaD7sp0Vc0CsrIsOZ9RuZSQWpqsSUx
8
- iJnHzo8XAgMBAAECggEBAJZy3n4R9dB/IQwGUSoajg5jO4xi+oFmX6hNwO/affcb
9
- yhPmnrVNxln/tyI2XnENOTOp6/srbkcUs9drx1tu0CXw+vvZBUUwvzkbq9YOZD3N
10
- 1ikGiQOLT2QM9eMVm0xEkaOLic8dDQ2pPoY8MKxHyKPVvZjTPA7/3LMAp7ms26XX
11
- chqSY92zzwNhkr06vEUNyenInvgl+FihVF/MByKGtdL9lc8eun0zuEAHubK6T6B7
12
- QrfnQ1tZXjWtz5zPBa3Hpfy9TMqLhXqV+k6mfa03zCNywmV7IexLBm7/yY7dqkpZ
13
- Wks5hattB/xCL5tA5QIf88Q6O6tcDMERYWNu0yTcR2ECgYEA7qRlWaQ8pzw526xP
14
- XZclB/Qm8jkKMduqmv6A0JGLA+Hr7ugAgi3/ZYWxsI9NyRcw5+EwNrfZR/B/U6Ng
15
- NmyAuU1FE7X8ZbfHLNoijoxsJ1F9SK9z9J5/WVKUnrnYIFrqlrD5Pr5FpVDCqBT5
16
- 2O9wRiWvoR0aN1gR6uC3XBajIHMCgYEAxxpGwytHKAqj1w9HGKFiT5F1EF+VLuvj
17
- GhokQLoeWKxSyVy0ePCyYKAnZy+pKhNxA4bGbdCiV0EliO3DWatWLF1/6mxDxNew
18
- qNIt1Ltok0OnvbTiNhHWaiCJ64NcYCWBEe5Vj0qY0dFgDBmltoXcf9yfMXFBh410
19
- mPSLMzoWYc0CgYEA6TaDTT0xgQVcTY9w6DeDGujA/so7akoPyfSZkjoJrrukRA86
20
- H/4vrtkeszr4e2JMiu8InRDCKImhBO2OYuFaUrxumzqn9AfLf8uVJdWZBDugwd2k
21
- 5hPWxEXts8hOrB/tTWKZ0XVEvq/T60rEd/pWsFa38i1sp1VL/UuqJTaCKH0CgYEA
22
- vTIW8/b4EvCpZ/84jAsvJHUQTJLHbGLy1yboNCmoFJMLyBSz2gi/OFp3lvIPSdBX
23
- oAY+ILQUz900Eb392AOcS2Q93UEr1K0xTfsLWg8L/IRZrUdpff/NQ+PPq2CUMzjw
24
- QV29KAC23wqavmTQt3TUZxv6mj0JDAo7Ne2LKQ6VnjECgYAD/hssI7gN/O9VQh1H
25
- Lth9JaSWra9sG+U7fXG+a52q+4KWmmsrm3BWb/bPLQc/F4KZfU/6CQLdZkFPD8ZT
26
- I3bYMfJ0nBpdeqEC441xjVno4SAKuMuqxj9siuDO+tpHhJVNuZDeXTg5bXsfj1u6
27
- aO5D/CYn9kUZhd9raJCPIElKZw==
2
+ MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC2Ysz+LmiqUC3Z
3
+ NnYMKohS1Cib3YL06FGVvD+iGvQbdEiKxZ86q1h/BkHKc9agu82XZcY/guxm85zn
4
+ EToydVdpcdafHlJTn0MywvihN07u6L+0Slf6B1Z7FPCxDyOi7guKV63h8qMRfoDC
5
+ 2rFRILBgkTq5T7v7bBSzjwAlXxku75YLOHOaNxpr7PgBV5rdGNopaYnZd2ildRyr
6
+ pAYNfNn0i0dgnyPYOr6ZC/2wtCqiVBulWIjldBjCuZVgMW9gdfDK0+aGH6MCmhEO
7
+ /53vPSMEEiViKhKYIEqu3laPr6gEQMS4xc8O8gQff61mNs56t2ir9UtCe2dRs0lI
8
+ grYskqgbAgMBAAECggEAEX5chyzQYTWbkDAHFpelx7wNwRV4ECGQYbpSqCvJqjB3
9
+ HMhjw27X6CcjfFWsCnK4/4KFh2X5Ys6PCCLA4EIdBkIjAdQYtWibO200B9KUQZoV
10
+ eSeAVL0LcHbLt0/qbSBD/xr11Kw/M9hcZVQwmcV25WxIo6mgMDdnrOlUbEE42yV5
11
+ +99Qkw/tP/iLOM5pZzb2T4zhQ4w9TTzS8NaHeyBWP0xVXsitGEEvivQ5KIrrHHde
12
+ 1kqmNO8EQv53AN8vSi6HmTw5vjt0yCDuZoQmu8jwP4Z2zCjXQyYz/v5f4291psuN
13
+ XCueozoWVulBcHg3FTrk0D9QSLjGqEUcVP+5b2Ml0QKBgQD3ZiN4YeG2a4OHWq4z
14
+ X5EtmRsiYDPLYPGO5lWadFLvTkrs7Fy2Nwwtc4e0pb6l944deD5i57fKJLat0C3P
15
+ w0Ir3ChDETObFYfnLgb+/7AISghXCqtkvgB32yYJduxrEIvRh8fBdthLQ/26lSbJ
16
+ 4NVnL524RcIjzvbdmFZMFg8ptQKBgQC8ugsbimpkabx4qOA2Tyto22/Y6tOqkL8r
17
+ JcQFt6I+uLeR9UaWUS+Neb8Wl/KExgoyEvozCk+Fg8EsfzpFOrxKMgmXymWDqrNA
18
+ dpLrVtgeiThh/JxE8Zqa0lH2hbBg8WCPgcBxf/YlTy8uH8IWdiB6EWRXHpBmksqR
19
+ jvBy67psjwKBgA+ixu8e0JMk7GUrmALrMVO+b3aWue9Kqzmq2RIv8+Xn/thGf/2M
20
+ MRrWSGdkak42/SZjqR27I2SFOX52v853usDm4yyJ88cDb1lvEUYghtGfTDOkGvz8
21
+ /S6WDStf9sU1gIC3oipaBoWLQIgAUTlFGnexDLjOv9xfgj6zGBEq+75ZAoGBALqJ
22
+ CEGIZfApsmdwQ2xqg/V4Luyv7dZAizMSeNVN08c6u/ZAACzCwcWL+BtUxBgHxjwI
23
+ FdQs9Lx6pYxdlDKpA0IygtjM69lf9xxYFo8VnzdPWbNAAxUB2FX+W5TWPqcS7OXq
24
+ 0VNdruThhziHm0aoKyF73zlctE0t+Zo1NePgqrpxAoGBAJ1njT4BEu5y9Uw/4uZ9
25
+ 8Kf+NWONab5ab2nD8xmqXI+1/l17dDI1e6y2L4XZs/eKwyAHL2H6N2vtt78TZlZR
26
+ A0YD45cFANVBE00d09UPy1/tsW2cz/c1EwUjpL8w0/ZOsqReLfFRgQ0kT5fmbqsQ
27
+ lch4f8u9PoVmpVEse19fmdkr
28
28
  -----END PRIVATE KEY-----
package/certs/PowerBICustomVisualTest_public.crt CHANGED
@@ -1,19 +1,19 @@
1
1
  -----BEGIN CERTIFICATE-----
2
- MIIDCTCCAfGgAwIBAgIUWvcK57IjhT9RnNLX0KJyVmGJgQYwDQYJKoZIhvcNAQEL
3
- BQAwFDESMBAGA1UEAwwJbG9jYWxob3N0MB4XDTIyMTAxOTE0MTY1M1oXDTIzMTAx
4
- OTE0MTY1M1owFDESMBAGA1UEAwwJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEF
5
- AAOCAQ8AMIIBCgKCAQEAuZpJcd0NfEtCdVjd04ea4msHHGLNOtBzuYQGY1MgGgfU
6
- 5exj1AjYiqjmFWJKK4DoPMWcwUFBTHsbwe440iJnr/kQsluQk/0rIOrg4M2urUxU
7
- 2JC7QPXk+PJhppPp4W2cTo3RSeDLI9NDGJbsUmLoZ549ovrMwb0/N/uoJxz1WoVS
8
- 6LIUmYC/kDGE2daeUCupcP8mAl+T+Ao2thIukXykyiuQS0hU8bJIPPCs2uA3R+gn
9
- /EennE1Ai70PCxH092yXPH1y56xmMK/kf8WV28dbqmZ+dg7ryiFiqDcUob5AWjH4
10
- QLim2g+7KdFXNArKyLDmfUbmUkFqarElMYiZx86PFwIDAQABo1MwUTAdBgNVHQ4E
11
- FgQUYJZtzb9sVfhg4MbBimIX4S59EgAwHwYDVR0jBBgwFoAUYJZtzb9sVfhg4MbB
12
- imIX4S59EgAwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAcaAW
13
- CHtfOXSXOwhSvvZVXciYlkFGa7TBvetFlPAwpcx0iyp/xkagyhlBqmzM8gUA6+1y
14
- 40WIJVCLKObBrHeV/3JM/7VEwRnua9LWDTraYYLd5yQ/eGhdeUIOvtBRWV0TCHmq
15
- 2ArLPov4dAsYJkp5WNQNChg2IPizxEuEjJk+SAafZh7ZXJcyF3bUik5Nz2tX0O+h
16
- 35BP/DVD3HqT9Ve0Em86Pd5tbGYdz0OQ9XteS5YG7wfe9XmKFOUp2Xwgv4joAFe5
17
- ysD+MpqokkgMXjjmNcj75H1yKs3FmvkT4nGWthvWAC5J+CIgvitKf7Vp7YcGtDUP
18
- +dMag6GYu0DoWVYElA==
2
+ MIIDCTCCAfGgAwIBAgIUabVpBDtbkfYWxBXSA1Xq5cAW6uQwDQYJKoZIhvcNAQEL
3
+ BQAwFDESMBAGA1UEAwwJbG9jYWxob3N0MB4XDTIyMTIxMjE5MTUzOFoXDTIzMTIx
4
+ MjE5MTUzOFowFDESMBAGA1UEAwwJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEF
5
+ AAOCAQ8AMIIBCgKCAQEAtmLM/i5oqlAt2TZ2DCqIUtQom92C9OhRlbw/ohr0G3RI
6
+ isWfOqtYfwZBynPWoLvNl2XGP4LsZvOc5xE6MnVXaXHWnx5SU59DMsL4oTdO7ui/
7
+ tEpX+gdWexTwsQ8jou4Lilet4fKjEX6AwtqxUSCwYJE6uU+7+2wUs48AJV8ZLu+W
8
+ Czhzmjcaa+z4AVea3RjaKWmJ2XdopXUcq6QGDXzZ9ItHYJ8j2Dq+mQv9sLQqolQb
9
+ pViI5XQYwrmVYDFvYHXwytPmhh+jApoRDv+d7z0jBBIlYioSmCBKrt5Wj6+oBEDE
10
+ uMXPDvIEH3+tZjbOerdoq/VLQntnUbNJSIK2LJKoGwIDAQABo1MwUTAdBgNVHQ4E
11
+ FgQU8vdg41zMzEe0gla3eC3GGLKsxBowHwYDVR0jBBgwFoAU8vdg41zMzEe0gla3
12
+ eC3GGLKsxBowDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEArbdi
13
+ j80tpyqv/ePkgwh/BMRFUI47aT/0wVGut4z/Nypjt6wVr5ybYvZOhlK0RI/NrTBs
14
+ GNeXhKcFypT7s2CqXnIFHWZtCOso32kZx05+8acETuB5Lo1yQB+z8dEWxywpk+41
15
+ 8N5fHnWxxP6JVnYqpUznZAkL4HuJQY9n61ah/gi706p2DhgMWEZYcbouHzi4kAK5
16
+ jI7SP6aWJnFc5GD5Q0TzJsbOs/jMsRsLztNu2ifJdJ1KzUQrWpxpDUC39PYcr2+D
17
+ LYp+eiDdCTu52dxPnat9K3bPFYTn38aylzbMdEF66R/AiVZloEI0y6ISOYL2HIpl
18
+ /WMm29V4VJ16ZoO27Q==
19
19
  -----END CERTIFICATE-----
package/config.json CHANGED
@@ -1,35 +1 @@
1
- {
2
- "templates": {
3
- "visuals": "templates/visuals",
4
- "pbiviz": "templates/pbiviz.json.template",
5
- "plugin": "templates/plugin.ts.template",
6
- "package": "templates/package.json.template"
7
- },
8
- "generate": {
9
- "apiVersion": "3.8.0"
10
- },
11
- "constants": {
12
- "minAPIversion": "3.2.0"
13
- },
14
- "build": {
15
- "precompileFolder": ".tmp/precompile",
16
- "dropFolder": ".tmp/drop",
17
- "js": "tmp.visual.js",
18
- "css": "visual.css",
19
- "stats": "../../webpack.statistics.html"
20
- },
21
- "package": {
22
- "dropFolder": "dist"
23
- },
24
- "server": {
25
- "root": "webRoot",
26
- "assetsRoute": "/assets",
27
- "privateKey": "certs/PowerBICustomVisualTest_private.key",
28
- "certificate": "certs/PowerBICustomVisualTest_public.crt",
29
- "pfx": "certs/PowerBICustomVisualTest_public.pfx",
30
- "port": "8080"
31
- },
32
- "visualTemplates": {
33
- "circlecard": "https://codeload.github.com/microsoft/powerbi-visuals-circlecard-react/zip/master"
34
- }
35
- }
1
+ {"templates":{"visuals":"templates/visuals","pbiviz":"templates/pbiviz.json.template","plugin":"templates/plugin.ts.template","package":"templates/package.json.template"},"generate":{"apiVersion":"3.8.0"},"constants":{"minAPIversion":"3.2.0"},"build":{"precompileFolder":".tmp/precompile","dropFolder":".tmp/drop","js":"tmp.visual.js","css":"visual.css","stats":"../../webpack.statistics.html"},"package":{"dropFolder":"dist"},"server":{"root":"webRoot","assetsRoute":"/assets","privateKey":"certs/PowerBICustomVisualTest_private.key","certificate":"certs/PowerBICustomVisualTest_public.crt","pfx":"certs/PowerBICustomVisualTest_public.pfx","port":"8080","passphrase":"3598678133652331"},"visualTemplates":{"circlecard":"https://codeload.github.com/microsoft/powerbi-visuals-circlecard-react/zip/master"}}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "powerbi-visuals-tools",
3
- "version": "4.0.6",
3
+ "version": "4.0.8",
4
4
  "description": "Command line tool for creating and publishing visuals for Power BI",
5
5
  "main": "./lib/VisualPackage.js",
6
6
  "scripts": {
@@ -27,7 +27,7 @@
27
27
  "homepage": "https://github.com/Microsoft/PowerBI-visuals-tools#readme",
28
28
  "dependencies": {
29
29
  "assert": "^2.0.0",
30
- "async": "^3.2.3",
30
+ "async": "^3.2.4",
31
31
  "base64-inline-loader": "^2.0.1",
32
32
  "browserify-zlib": "^0.2.0",
33
33
  "buffer": "^6.0.3",
@@ -45,12 +45,12 @@
45
45
  "https-browserify": "^1.0.0",
46
46
  "json-loader": "0.5.7",
47
47
  "jszip": "^3.7.1",
48
- "less": "^3.11.1",
49
- "less-loader": "^10.0.1",
48
+ "less": "^3.13.1",
49
+ "less-loader": "^10.2.0",
50
50
  "lodash.clonedeep": "4.5.0",
51
51
  "lodash.defaults": "4.2.0",
52
52
  "lodash.isequal": "4.5.0",
53
- "mini-css-extract-plugin": "^1.4.0",
53
+ "mini-css-extract-plugin": "^1.6.2",
54
54
  "os-browserify": "^0.3.0",
55
55
  "path-browserify": "^1.0.1",
56
56
  "powerbi-visuals-webpack-plugin": "^2.3.1",
@@ -74,7 +74,7 @@
74
74
  "webpack-dev-server": "^4.8.1"
75
75
  },
76
76
  "devDependencies": {
77
- "eslint": "^7.31.0",
77
+ "eslint": "^7.32.0",
78
78
  "jasmine": "3.5.0",
79
79
  "jasmine-spec-reporter": "5.0.1",
80
80
  "semver": "7.1.3",
package/spec/e2e/pbivizNewSpec.js CHANGED
@@ -96,11 +96,11 @@ describe("E2E - pbiviz new", () => {
96
96
 
97
97
  it(`Verifiy size`, async () => {
98
98
  const folder = createFolder(template);
99
- const archiveSize = 49558;
99
+ const archiveSize = 10000;
100
100
  const archiveName = path.join(folder, `${template}Archive.zip`);
101
101
  await download(config.visualTemplates[template], archiveName);
102
102
  const stats = await fsPromises.stat(archiveName);
103
- await expect(stats.size).toBe(archiveSize);
103
+ await expect(stats.size).toBeGreaterThanOrEqual(archiveSize);
104
104
  await fsPromises.unlink(archiveName);
105
105
  });
106
106