github-mirrors/kibana
1
0
Fork 0
mirror of https://github.com/elastic/kibana.git synced 2025-04-24 09:48:58 -04:00
Code Issues Projects Releases Packages Wiki Activity

Use vega-interpreter to safely evaluate Vega expressions (#98832)

Browse source 
Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
This commit is contained in:
Larry Gregory 2021-05-05 10:46:50 -04:00 committed by GitHub
parent 792845fd75
commit c238a9708b
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
6 changed files with 12 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

1
package.json
View file

@ -398,6 +398,7 @@
"utility-types": "^3.10.0",
"uuid": "3.3.2",
"vega": "^5.19.1",
"vega-interpreter": "^1.0.4",
"vega-lite": "^5.0.0",
"vega-schema-url-parser": "^2.1.0",
"vega-spec-injector": "^0.0.2",

2
src/plugins/vis_type_vega/public/vega_view/vega_base_view.js
View file

@ -10,6 +10,7 @@ import $ from 'jquery';
import moment from 'moment';
import dateMath from '@elastic/datemath';
import { scheme, loader, logger, Warn, version as vegaVersion, expressionFunction } from 'vega';
import { expressionInterpreter } from 'vega-interpreter';
import { version as vegaLiteVersion } from 'vega-lite';
import { Utils } from '../data_model/utils';
import { euiPaletteColorBlind } from '@elastic/eui';
@ -166,6 +167,7 @@ export class VegaBaseView {
createViewConfig() {
const config = {
expr: expressionInterpreter,
renderer: this._parser.renderer,
};

2
src/plugins/vis_type_vega/public/vega_view/vega_map_view/view.ts
View file

@ -183,7 +183,7 @@ export class VegaMapView extends VegaBaseView {
protected async _initViewCustomizations() {
const vegaView = new View(
parse(injectMapPropsIntoSpec(this._parser.spec)),
parse(injectMapPropsIntoSpec(this._parser.spec), undefined, { ast: true }),
this._vegaViewConfig
);

2
src/plugins/vis_type_vega/public/vega_view/vega_view.js
View file

@ -14,7 +14,7 @@ export class VegaView extends VegaBaseView {
// In some cases, Vega may be initialized twice... TBD
if (!this._$container) return;
const view = new View(parse(this._parser.spec), this._vegaViewConfig);
const view = new View(parse(this._parser.spec, undefined, { ast: true }), this._vegaViewConfig);
if (this._parser.useResize) this.updateVegaSize(view);
view.initialize(this._$container.get(0), this._$controls.get(0));

3
x-pack/plugins/ml/public/application/components/vega_chart/vega_chart_view.tsx
View file

@ -15,6 +15,7 @@ import type { TopLevelSpec } from 'vega-lite/build/vega-lite';
// @ts-ignore
import { compile } from 'vega-lite/build/vega-lite';
import { parse, View, Warn } from 'vega';
import { expressionInterpreter } from 'vega-interpreter';
import { Handler } from 'vega-tooltip';
import { htmlIdGenerator } from '@elastic/eui';
@ -29,7 +30,7 @@ export const VegaChartView: FC<VegaChartViewProps> = ({ vegaSpec }) => {
useEffect(() => {
const vgSpec = compile(vegaSpec).spec;
const view = new View(parse(vgSpec))
const view = new View(parse(vgSpec, undefined, { ast: true }), { expr: expressionInterpreter })
.logLevel(Warn)
.renderer('canvas')
.tooltip(new Handler().call)

5
yarn.lock
View file

@ -28215,6 +28215,11 @@ vega-hierarchy@~4.0.9:
vega-dataflow "^5.7.3"
vega-util "^1.15.2"
vega-interpreter@^1.0.4:
version "1.0.4"
resolved "https://registry.yarnpkg.com/vega-interpreter/-/vega-interpreter-1.0.4.tgz#291ebf85bc2d1c3550a3da22ff75b3ba0d326a39"
integrity sha512-6tpYIa/pJz0cZo5fSxDSkZkAA51pID2LjOtQkOQvbzn+sJiCaWKPFhur8MBqbcmYZ9bnap1OYNwlrvpd2qBLvg==
vega-label@~1.0.0:
version "1.0.0"
resolved "https://registry.yarnpkg.com/vega-label/-/vega-label-1.0.0.tgz#c3bea3a608a62217ca554ecc0f7fe0395d81bd1b"