chore(deps): bump bpmn-visualization from 0.35.0 to 0.36.0

[dependabot[bot]]

Bumps bpmn-visualization from 0.35.0 to 0.36.0.

Release notes

Sourced from bpmn-visualization's releases.

0.36.0

This new version brings several improvements, including enhancements to BPMN support (Ad-Hoc and Transition Sub-Processes), documentation updates, dependency updates, and maintenance. It also includes external contributions from community members.

Thanks to all the contributors of this release 🌈: @​brendanlaschke, @​csouchet and @​tbouffard

See milestone 0.36.0 to get the list of issues covered by this release.

Highlights

🚀 BPMN support

Transition Sub-Process

We have introduced the support for the Transition Sub-Process.

See the image below for an example:

Ad-Hoc Sub-Process

We have also added the parsing functionality for the Ad-Hoc Sub-Process, although their visualization is not yet implemented.

⚠️ Please note that the rendering of the Ad-Hoc marker will be implemented in a future release.

See the image below for a representation:

External Contributions

We are excited to include the following external contributions in this release:

Vue Example

A new integration project for Vue has been contributed to the bpmn-visualization Examples repository.

ℹ️ Check it out here.

Dependencies

We have addressed a security vulnerability related to fast-xml-parser (#2736). It's important to note that bpmn-visualization itself is not vulnerable to this CVE as it doesn't use the processEntities feature implicated in the vulnerability. However, we recommend updating your application to the latest version of bpmn-visualization for optimal security.

ℹ️ Further information can be found here.

... (truncated)

Commits

• b9cc583 chore(release): 0.36.0
• b344c6e chore(release): prepare version for release
• e90167a refactor!: transform StyleDefault into an object (#2728)
• 55f6343 chore(deps): bump @​typed-mxgraph/typed-mxgraph from 1.0.7 to 1.0.8 (#2737)
• b14aba3 chore(deps): bump fast-xml-parser from 4.2.2 to 4.2.4 (#2736)
• 2fef106 chore(deps-dev): bump typescript from 5.0.4 to 5.1.3 (#2729)
• af433d4 feat: detect Ad-Hoc Sub-Processes (#2723)
• 019f539 docs: improve paragraphs about colors and styles (#2734)
• efb0fac test: simplify integration tests (#2727)
• b387091 chore(deps-dev): bump vite from 4.3.8 to 4.3.9 (#2731)
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[tbouffard]

@dependabot squash and merge