Merge branch 'develop' into feature/hideUnusedParticipants_1210

2025-01-14 06:43:25 +08:00 · 2022-04-28 17:38:48 +02:00 · 2022-04-28 17:38:48 +02:00 · 386f3c7ce9
commit 386f3c7ce9
parent 4c93870580 7c25fb572e
26 changed files with 491 additions and 137 deletions
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@ -2,6 +2,9 @@ name: Build

 on: [push, pull_request]

+permissions:
+  contents: read
+
 jobs:
  build:
    runs-on: ubuntu-latest
--- a/.github/workflows/check-readme-in-sync.yml
+++ b/.github/workflows/check-readme-in-sync.yml
@ -10,6 +10,9 @@ on:
    branches:
      - gh-pages

+permissions:
+  contents: read
+
 jobs:
  check:
    runs-on: ubuntu-latest
--- a/.github/workflows/e2e
+++ b/.github/workflows/e2e
@ -2,6 +2,9 @@ name: E2E

 on: [push, pull_request]

+permissions:
+  contents: read
+
 jobs:
  build:
    runs-on: ubuntu-latest
--- a/README.md
+++ b/README.md
@ -6,6 +6,8 @@ English | [简体中文](./README.zh-CN.md)

 :trophy: **Mermaid was nominated and won the [JS Open Source Awards (2019)](https://osawards.com/javascript/2019) in the category "The most exciting use of technology"!!!**

+
+
 **Thanks to all involved, people committing pull requests, people answering questions! 🙏**

 <a href="https://mermaid-js.github.io/mermaid/landing/"><img src="https://github.com/mermaid-js/mermaid/blob/master/docs/img/book-banner-post-release.jpg" alt="Explore Mermaid.js in depth, with real-world examples, tips & tricks from the creator... The first official book on Mermaid is available for purchase. Check it out!"></a>
@ -40,8 +42,7 @@ __The following are some examples of the diagrams, charts and graphs that can be

 ```
 flowchart LR 
-title Example flow chart
-accDescripton Flow chart showing examples of node usage
+
 A[Hard] -->|Text| B(Round)
 B --> C{Decision}
 C -->|One| D[Result 1]
@ -49,8 +50,7 @@ C -->|Two| E[Result 2]
 ```
 ```mermaid
 flowchart LR
-title Example flow chart
-accDescripton Flow chart showing examples of node usage
+
 A[Hard] -->|Text| B(Round)
 B --> C{Decision}
 C -->|One| D[Result 1]
--- a/cypress/integration/other/xss.spec.js
+++ b/cypress/integration/other/xss.spec.js
@ -115,4 +115,18 @@ describe('XSS', () => {
    cy.wait(1000);
    cy.get('#the-malware').should('not.exist');
  });
+  it('should sanitize colons properly', () => {
+    cy.visit('http://localhost:9000/xss20.html');
+    cy.wait(1000);
+    cy.get('a').click('');
+    cy.wait(1000);
+    cy.get('#the-malware').should('not.exist');
+  });
+  it('should sanitize colons properly', () => {
+    cy.visit('http://localhost:9000/xss21.html');
+    cy.wait(1000);
+    cy.get('a').click('');
+    cy.wait(1000);
+    cy.get('#the-malware').should('not.exist');
+  });
 });
--- a/cypress/platform/xss20.html
+++ b/cypress/platform/xss20.html
@ -0,0 +1,105 @@
+<html>
+  <head>
+    <link
+      href="https://fonts.googleapis.com/css?family=Montserrat&display=swap"
+      rel="stylesheet"
+    />
+    <link href="https://unpkg.com/tailwindcss@^1.0/dist/tailwind.min.css" rel="stylesheet">
+    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css">
+    <link href="https://fonts.googleapis.com/css?family=Noto+Sans+SC&display=swap" rel="stylesheet">
+    <style>
+      body {
+        /* background: rgb(221, 208, 208); */
+        /* background:#333; */
+        font-family: 'Arial';
+        /* font-size: 18px !important; */
+        }
+      h1 { color: grey;}
+      .mermaid2 {
+        display: none;
+      }
+      .mermaid svg {
+        /* font-size: 18px !important; */
+      }
+      .malware {
+        position: fixed;
+        bottom:0;
+        left:0;
+        right:0;
+        height: 150px;
+        background: red;
+        color: black;
+        display: flex;
+        display: flex;
+        justify-content: center;
+        align-items: center;
+        font-family: monospace;
+        font-size: 72px;
+      }
+    </style>
+  </head>
+  <body>
+    <div>Security check</div>
+    <div class="flex">
+      <div id="diagram" class="mermaid"></div>
+      <div id="res" class=""></div>
+  <script src="./mermaid.js"></script>
+    <script>
+      mermaid.parseError = function (err, hash) {
+        // console.error('Mermaid error: ', err);
+      };
+      mermaid.initialize({
+        theme: 'forest',
+        arrowMarkerAbsolute: true,
+        // themeCSS: '.edgePath .path {stroke: red;} .arrowheadPath {fill: red;}',
+        logLevel: 5,
+        state: {
+          defaultRenderer: 'dagre-d3',
+        },
+        flowchart: {
+          // defaultRenderer: 'dagre-wrapper',
+          nodeSpacing: 10,
+    curve: 'cardinal',
+    htmlLabels: true,
+        },
+        htmlLabels: true,
+        // gantt: { axisFormat: '%m/%d/%Y' },
+        sequence: { actorFontFamily: 'courier', actorMargin: 50, showSequenceNumbers: false },
+        // sequenceDiagram: { actorMargin: 300 } // deprecated
+        // fontFamily: '"times", sans-serif',
+        // fontFamily: 'courier',
+        fontSize: 18,
+        curve: 'basis',
+        // securityLevel: 'loose',
+        startOnLoad: false,
+        secure: ['secure', 'securityLevel', 'startOnLoad', 'maxTextSize'],
+        // themeVariables: {relationLabelColor: 'red'}
+      });
+      function callback() {
+  alert('It worked');
+}
+      function xssAttack() {
+        const div = document.createElement('div');
+        div.id = 'the-malware';
+        div.className = 'malware';
+        div.innerHTML = 'XSS Succeeded';
+        document.getElementsByTagName('body')[0].appendChild(div);
+        throw new Error('XSS Succeded');
+      }
+
+//       var diagram = `  graph TD
+// A --> B["&lt;a href='javasc`;
+// diagram += `ript#colon;xssAttack()'&gt;AAA&lt;/a&gt;"]`;
+      var diagram = `  graph TD
+A --> B["<a href='javasc`;
+diagram += `ript#colon;xssAttack()'>AAA</a>"]`;
+// diagram += '//via.placeholder.com/64\' width=64 />"]';
+// document.querySelector('#diagram').innerHTML = diagram;
+mermaid.render('diagram', diagram, (res) => {
+  // console.log(res);
+  document.querySelector('#res').innerHTML = res;
+});
+    </script>
+  </body>
+</html>
+
--- a/cypress/platform/xss21.html
+++ b/cypress/platform/xss21.html
@ -0,0 +1,105 @@
+<html>
+  <head>
+    <link
+      href="https://fonts.googleapis.com/css?family=Montserrat&display=swap"
+      rel="stylesheet"
+    />
+    <link href="https://unpkg.com/tailwindcss@^1.0/dist/tailwind.min.css" rel="stylesheet">
+    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css">
+    <link href="https://fonts.googleapis.com/css?family=Noto+Sans+SC&display=swap" rel="stylesheet">
+    <style>
+      body {
+        /* background: rgb(221, 208, 208); */
+        /* background:#333; */
+        font-family: 'Arial';
+        /* font-size: 18px !important; */
+        }
+      h1 { color: grey;}
+      .mermaid2 {
+        display: none;
+      }
+      .mermaid svg {
+        /* font-size: 18px !important; */
+      }
+      .malware {
+        position: fixed;
+        bottom:0;
+        left:0;
+        right:0;
+        height: 150px;
+        background: red;
+        color: black;
+        display: flex;
+        display: flex;
+        justify-content: center;
+        align-items: center;
+        font-family: monospace;
+        font-size: 72px;
+      }
+    </style>
+  </head>
+  <body>
+    <div>Security check</div>
+    <div class="flex">
+      <div id="diagram" class="mermaid"></div>
+      <div id="res" class=""></div>
+  <script src="./mermaid.js"></script>
+    <script>
+      mermaid.parseError = function (err, hash) {
+        // console.error('Mermaid error: ', err);
+      };
+      mermaid.initialize({
+        theme: 'forest',
+        arrowMarkerAbsolute: true,
+        // themeCSS: '.edgePath .path {stroke: red;} .arrowheadPath {fill: red;}',
+        logLevel: 0,
+        state: {
+          defaultRenderer: 'dagre-d3',
+        },
+        flowchart: {
+          // defaultRenderer: 'dagre-wrapper',
+          nodeSpacing: 10,
+    curve: 'cardinal',
+    htmlLabels: true,
+        },
+        htmlLabels: true,
+        // gantt: { axisFormat: '%m/%d/%Y' },
+        sequence: { actorFontFamily: 'courier', actorMargin: 50, showSequenceNumbers: false },
+        // sequenceDiagram: { actorMargin: 300 } // deprecated
+        // fontFamily: '"times", sans-serif',
+        // fontFamily: 'courier',
+        fontSize: 18,
+        curve: 'basis',
+        // securityLevel: 'loose',
+        startOnLoad: false,
+        secure: ['secure', 'securityLevel', 'startOnLoad', 'maxTextSize'],
+        // themeVariables: {relationLabelColor: 'red'}
+      });
+      function callback() {
+  alert('It worked');
+}
+      function xssAttack() {
+        const div = document.createElement('div');
+        div.id = 'the-malware';
+        div.className = 'malware';
+        div.innerHTML = 'XSS Succeeded';
+        document.getElementsByTagName('body')[0].appendChild(div);
+        throw new Error('XSS Succeded');
+      }
+
+//       var diagram = `  graph TD
+// A --> B["&lt;a href='javasc`;
+// diagram += `ript#colon;xssAttack()'&gt;AAA&lt;/a&gt;"]`;
+      var diagram = `  graph TD
+A --> B["<a href='javasc`;
+diagram += `ript#9;t#colon;xssAttack()'>AAA</a>"]`;
+// diagram += '//via.placeholder.com/64\' width=64 />"]';
+// document.querySelector('#diagram').innerHTML = diagram;
+mermaid.render('diagram', diagram, (res) => {
+  console.log(res);
+  document.querySelector('#res').innerHTML = res;
+});
+    </script>
+  </body>
+</html>
+
--- a/cypress/platform/xss22.html
+++ b/cypress/platform/xss22.html
@ -0,0 +1,16 @@
+
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <meta charset="utf-8">
+</head>
+<body>
+  <div class="mermaid">
+  graph TD
+A --&gt; B["&lt;a href='javascript#9;t#colon;alert(document.location)'&gt;AAA&lt;/a&gt;"]
+  </div>
+<script src="./mermaid.js"></script>
+ <script>mermaid.initialize({ startOnLoad: true });
+</script>
+</body>
+</html>
--- a/demos/index.html
+++ b/demos/index.html
@ -385,8 +385,7 @@
    A -->|Get money| B1[(Go shopping 1)]
    A -->|Get money| B2[(Go shopping 2)]
    A -->|Get money| B3[(Go shopping 3)]
-    C[(Let me think...<br />Do I want something for work,<br />something to spend every free second with,<br />or
- something to get around?)]
+    C[(Let me think...<br />Do I want something for work,<br />something to spend every free second with,<br />or something to get around?)]
    B1 --> C
    B2 --> C
    B3 --> C
@ -518,8 +517,10 @@
    sequenceDiagram
    autonumber
    Alice->>John: Hello John,<br>how are you?
+    autonumber 50 10
    Alice->>John: John,<br />can you hear me?
    John-->>Alice: Hi Alice,<br />I can hear you!
+    autonumber off
    John-->>Alice: I feel great!
  </div>

@ -601,10 +602,11 @@
    gitGraph:
    options
    {
-    "nodeSpacing": 150,
-    "nodeRadius": 10
+    "nodeSpacing": 50, 
+    "nodeRadius": 5
    }
    end
+    branch master
    commit
    branch newbranch
    checkout newbranch
--- a/demos/sequence.html
+++ b/demos/sequence.html
@ -24,6 +24,7 @@
 		participant Alice
 		participant Bob
 		participant John as John<br />Second Line
+		autonumber 10 10
 		rect rgb(200, 220, 100)
 		rect rgb(200, 255, 200)
 		Alice ->> Bob: Hello Bob, how are you?
@ -39,14 +40,17 @@
 		Bob-x John:wrap: John! Are you still debating about how you're doing? How long does it take??
 		Note over John: After a few more moments, John<br />finally snaps out of it.
 		end
+		autonumber off
 		alt either this
 		Alice->>+John: Yes
    John-->>-Alice: OK
 		else or this
+		autonumber
 		Alice->>John: No
 		else or this will happen
 		Alice->John: Maybe
 		end
+		autonumber 200
 		par this happens in parallel
 		Alice -->> Bob: Parallel message 1
 		and
--- a/docs/examples.md
+++ b/docs/examples.md
@ -140,7 +140,7 @@ sequenceDiagram

 ```

-A commit flow diagram.
+## A commit flow diagram.
 ```mermaid
 gitGraph:
    commit "Ashish"
--- a/docs/flowchart.md
+++ b/docs/flowchart.md
@ -7,7 +7,7 @@ All Flowcharts are composed of **nodes**, the geometric shapes and **edges**, th
 It can also accommodate different arrow types, multi directional arrows, and linking to and from subgraphs.

 > **Important note**: Do not type the word "end" as a Flowchart node. Capitalize all or any one the letters to keep the flowchart from breaking, i.e, "End" or "END". Or you can apply this [workaround](https://github.com/mermaid-js/mermaid/issues/1444#issuecomment-639528897).**
-Node
+
 ### A node (default)

 ```mermaid-example
--- a/docs/index.html
+++ b/docs/index.html
@ -17,7 +17,7 @@
    />
    <!-- <link rel="stylesheet" href="//unpkg.com/docsify/lib/themes/vue.css"> -->
    <link rel="stylesheet" href="theme.css" />
-    <script src="//cdn.jsdelivr.net/npm/mermaid@9.0.0/dist/mermaid.min.js"></script>
+    <script src="//cdn.jsdelivr.net/npm/mermaid@9.0.1/dist/mermaid.min.js"></script>
    <!-- <script src="http://localhost:9000/mermaid.js"></script> -->
    <script>
      // prettier-ignore
@ -96,7 +96,7 @@
        markdown: {
          renderer: {
            code: function (code, lang) {
-              if (lang.startsWith('mermaid') || lang === 'mmd') {
+              if (lang && (lang.startsWith('mermaid') || lang === 'mmd')) {
                var resultingHTML = '';

                if (lang === 'mmd' || lang === 'mermaid-example') {
--- a/jest.config.js
+++ b/jest.config.js
@ -9,7 +9,7 @@ module.exports = {
      { 'token-stack': true },
    ],
  },
-  transformIgnorePatterns: ['/node_modules/(?!dagre-d3-renderer/lib).*\\.js'],
+  transformIgnorePatterns: ['/node_modules/(?!dagre-d3-renderer/lib|khroma).*\\.js'],
  moduleNameMapper: {
    '\\.(css|scss)$': 'identity-obj-proxy',
  },
--- a/package.json
+++ b/package.json
@ -1,6 +1,6 @@
 {
  "name": "mermaid",
-  "version": "9.0.0",
+  "version": "9.0.1",
  "description": "Markdownish syntax for generating flowcharts, sequence diagrams, class diagrams, gantt charts and git graphs.",
  "main": "dist/mermaid.core.js",
  "module": "dist/mermaid.esm.min.mjs",
@ -63,7 +63,7 @@
    "dagre-d3": "^0.6.4",
    "dompurify": "2.3.6",
    "graphlib": "^2.1.8",
-    "khroma": "^1.4.1",
+    "khroma": "^2.0.0",
    "moment-mini": "^2.24.0",
    "stylis": "^4.0.10"
  },
@ -79,7 +79,7 @@
    "concurrently": "^7.0.0",
    "coveralls": "^3.0.2",
    "css-to-string-loader": "^0.1.3",
-    "cypress": "9.5.3",
+    "cypress": "9.5.4",
    "cypress-image-snapshot": "^4.0.1",
    "documentation": "13.2.0",
    "eslint": "^8.2.0",
--- a/src/diagrams/common/common.js
+++ b/src/diagrams/common/common.js
@ -59,6 +59,7 @@ export const removeScript = (txt) => {
  let decodedText = removeEscapes(rs);
  decodedText = decodedText.replace(/script>/gi, '#');
  decodedText = decodedText.replace(/javascript:/gi, '#');
+  decodedText = decodedText.replace(/javascript&colon/gi, '#');
  decodedText = decodedText.replace(/onerror=/gi, 'onerror:');
  decodedText = decodedText.replace(/<iframe/gi, '');
  return decodedText;
--- a/src/diagrams/git/gitGraphAst.js
+++ b/src/diagrams/git/gitGraphAst.js
@ -136,7 +136,7 @@ export const branch = function (name) {
  }
 };

-export const merge = function (otherBranch) {
+export const merge = function (otherBranch, tag) {
  otherBranch = common.sanitizeText(otherBranch, configApi.getConfig());
  const currentCommit = commits[branches[curBranch]];
  const otherCommit = commits[branches[otherBranch]];
@ -213,6 +213,7 @@ export const merge = function (otherBranch) {
    parents: [head == null ? null : head.id, branches[otherBranch]],
    branch: curBranch,
    type: commitType.MERGE,
+    tag: tag ? tag : '',
  };
  head = commit;
  commits[commit.id] = commit;
--- a/src/diagrams/git/gitGraphParserV2.spec.js
+++ b/src/diagrams/git/gitGraphParserV2.spec.js
@ -336,6 +336,20 @@ describe('when parsing a gitGraph', function () {
    expect(Object.keys(parser.yy.getBranches()).length).toBe(2);
  });

+  it('should allow _-./ characters in branch names', function () {
+    const str = `gitGraph:
+    commit
+    branch azAZ_-./test
+    `;
+
+    parser.parse(str);
+    const commits = parser.yy.getCommits();
+    expect(Object.keys(commits).length).toBe(1);
+    expect(parser.yy.getCurrentBranch()).toBe('azAZ_-./test');
+    expect(parser.yy.getDirection()).toBe('LR');
+    expect(Object.keys(parser.yy.getBranches()).length).toBe(2);
+  });
+
  it('should handle new branch checkout', function () {
    const str = `gitGraph:
    commit
@ -411,6 +425,41 @@ describe('when parsing a gitGraph', function () {
    ]);
  });

+  it('should handle merge tags', function () {
+    const str = `gitGraph:
+    commit
+    branch testBranch
+    checkout testBranch
+    commit
+    checkout main
+    merge testBranch tag: "merge-tag"
+    `;
+
+    parser.parse(str);
+    const commits = parser.yy.getCommits();
+    expect(Object.keys(commits).length).toBe(3);
+    expect(parser.yy.getCurrentBranch()).toBe('main');
+    expect(parser.yy.getDirection()).toBe('LR');
+    expect(Object.keys(parser.yy.getBranches()).length).toBe(2);
+    const commit1 = Object.keys(commits)[0];
+    const commit2 = Object.keys(commits)[1];
+    const commit3 = Object.keys(commits)[2];
+
+    expect(commits[commit1].branch).toBe('main');
+    expect(commits[commit1].parents).toStrictEqual([]);
+
+    expect(commits[commit2].branch).toBe('testBranch');
+    expect(commits[commit2].parents).toStrictEqual([commits[commit1].id]);
+
+    expect(commits[commit3].branch).toBe('main');
+    expect(commits[commit3].parents).toStrictEqual([commits[commit1].id, commits[commit2].id]);
+    expect(commits[commit3].tag).toBe('merge-tag');
+    expect(parser.yy.getBranchesAsObjArray()).toStrictEqual([
+      { name: 'main' },
+      { name: 'testBranch' },
+    ]);
+  });
+
  it('should throw error when try to branch existing branch: main', function () {
    const str = `gitGraph
    commit
--- a/src/diagrams/git/parser/gitGraph.jison
+++ b/src/diagrams/git/parser/gitGraph.jison
@ -43,13 +43,13 @@
 "BT"                                    return 'DIR';
 ":"                                     return ':';
 "^"                                     return 'CARET'
-"options"\r?\n                         this.begin("options");
-<options>"end"\r?\n                    this.popState();
-<options>[^\n]+\r?\n                   return 'OPT';
+"options"\r?\n                          this.begin("options"); //
+<options>[ \r\n\t]+"end"                this.popState();       // not used anymore in the renderer, fixed for backward compatibility
+<options>[\s\S]+(?=[ \r\n\t]+"end")     return 'OPT';          //
 ["]                                     this.begin("string");
 <string>["]                             this.popState();
 <string>[^"]*                           return 'STR';
-[a-zA-Z][-_\.a-zA-Z0-9]*[-_a-zA-Z0-9]  return 'ID';
+[a-zA-Z][-_\./a-zA-Z0-9]*[-_a-zA-Z0-9]  return 'ID';
 <<EOF>>                                 return 'EOF';

 /lex
@ -89,11 +89,17 @@ line

 statement
    : commitStatement
+    | mergeStatement
    | BRANCH ID {yy.branch($2)}
    | CHECKOUT ID {yy.checkout($2)}
-    | MERGE ID {yy.merge($2)}
    // | RESET reset_arg {yy.reset($2)}
    ;
+
+mergeStatement
+    : MERGE ID {yy.merge($2)}
+    | MERGE ID COMMIT_TAG STR {yy.merge($2, $4)}
+    ;
+
 commitStatement
    : COMMIT commit_arg {yy.commit($2)}
    | COMMIT COMMIT_TAG STR {yy.commit('','',yy.commitType.NORMAL,$3)}
--- a/src/diagrams/sequence/parser/sequenceDiagram.jison
+++ b/src/diagrams/sequence/parser/sequenceDiagram.jison
@ -32,6 +32,7 @@
 <INITIAL,ID,ALIAS,LINE,arg_directive,type_directive,open_directive>\#[^\n]*   /* skip comments */
 \%%(?!\{)[^\n]*                                                 /* skip comments */
 [^\}]\%\%[^\n]*                                                 /* skip comments */
+[0-9]+(?=[ \n]+)       											return 'NUM';
 "participant"                                                   { this.begin('ID'); return 'participant'; }
 "actor"                                                   	{ this.begin('ID'); return 'participant_actor'; }
 <ID>[^\->:\n,;]+?(?=((?!\n)\s)+"as"(?!\n)\s|[#\n;]|$)           { yytext = yytext.trim(); this.begin('ALIAS'); return 'ACTOR'; }
@ -61,6 +62,7 @@
 "accDescription"\s[^#\n;]+       								return 'accDescription';
 "sequenceDiagram"                                               return 'SD';
 "autonumber"                                                    return 'autonumber';
+"off"															return 'off';
 ","                                                             return ',';
 ";"                                                             return 'NEWLINE';
 [^\+\->:\n,;]+((?!(\-x|\-\-x|\-\)|\-\-\)))[\-]*[^\+\->:\n,;]+)*             { yytext = yytext.trim(); return 'ACTOR'; }
@ -115,7 +117,10 @@ statement
 	| 'participant_actor' actor 'AS' restOfLine 'NEWLINE' {$2.type='addActor';$2.description=yy.parseMessage($4); $$=$2;}
 	| 'participant_actor' actor 'NEWLINE' {$2.type='addActor'; $$=$2;}
 	| signal 'NEWLINE'
-	| autonumber {yy.enableSequenceNumbers()}
+	| autonumber NUM NUM 'NEWLINE' { $$= {type:'sequenceIndex',sequenceIndex: Number($2), sequenceIndexStep:Number($3), sequenceVisible:true, signalType:yy.LINETYPE.AUTONUMBER};}
+	| autonumber NUM 'NEWLINE' { $$ = {type:'sequenceIndex',sequenceIndex: Number($2), sequenceIndexStep:1, sequenceVisible:true, signalType:yy.LINETYPE.AUTONUMBER};}
+	| autonumber off 'NEWLINE' { $$ = {type:'sequenceIndex', sequenceVisible:false, signalType:yy.LINETYPE.AUTONUMBER};}
+	| autonumber 'NEWLINE'  {$$ = {type:'sequenceIndex', sequenceVisible:true, signalType:yy.LINETYPE.AUTONUMBER}; }
 	| 'activate' actor 'NEWLINE' {$$={type: 'activeStart', signalType: yy.LINETYPE.ACTIVE_START, actor: $2};}
 	| 'deactivate' actor 'NEWLINE' {$$={type: 'activeEnd', signalType: yy.LINETYPE.ACTIVE_END, actor: $2};}
 	| note_statement 'NEWLINE'
--- a/src/diagrams/sequence/sequenceDb.js
+++ b/src/diagrams/sequence/sequenceDb.js
@ -125,6 +125,9 @@ export const getTitle = function () {
 export const enableSequenceNumbers = function () {
  sequenceNumbersEnabled = true;
 };
+export const disableSequenceNumbers = function () {
+  sequenceNumbersEnabled = false;
+};
 export const showSequenceNumbers = () => sequenceNumbersEnabled;

 export const setWrap = function (wrapSetting) {
@ -178,6 +181,7 @@ export const LINETYPE = {
  RECT_END: 23,
  SOLID_POINT: 24,
  DOTTED_POINT: 25,
+  AUTONUMBER: 26,
 };

 export const ARROWTYPE = {
@ -333,6 +337,19 @@ export const apply = function (param) {
    });
  } else {
    switch (param.type) {
+      case 'sequenceIndex':
+        messages.push({
+          from: undefined,
+          to: undefined,
+          message: {
+            start: param.sequenceIndex,
+            step: param.sequenceIndexStep,
+            visible: param.sequenceVisible,
+          },
+          wrap: false,
+          type: param.signalType,
+        });
+        break;
      case 'addParticipant':
        addActor(param.actor, param.actor, param.description, 'participant');
        break;
@ -425,6 +442,7 @@ export default {
  autoWrap,
  setWrap,
  enableSequenceNumbers,
+  disableSequenceNumbers,
  showSequenceNumbers,
  getMessages,
  getActors,
--- a/src/diagrams/sequence/sequenceDiagram.spec.js
+++ b/src/diagrams/sequence/sequenceDiagram.spec.js
@ -47,6 +47,7 @@ Note right of Bob: Bob thinks
 Bob-->Alice: I am good thanks!`;

    mermaidAPI.parse(str);
+    renderer.draw(str, 'tst'); // needs to be rendered for the correct value of visibility autonumbers
    expect(parser.yy.showSequenceNumbers()).toBe(false);
  });
  it('it should show sequence numbers when autonumber is enabled', function () {
@ -58,6 +59,7 @@ Note right of Bob: Bob thinks
 Bob-->Alice: I am good thanks!`;

    mermaidAPI.parse(str);
+    renderer.draw(str, 'tst'); // needs to be rendered for the correct value of visibility autonumbers
    expect(parser.yy.showSequenceNumbers()).toBe(true);
  });
  it('it should handle a sequenceDiagram definition with a title:', function () {
@ -1676,6 +1678,7 @@ Note right of Bob: Bob thinks
 Bob-->Alice: I am good thanks!`;

    mermaidAPI.parse(str1);
+    renderer.draw(str1, 'tst'); // needs to be rendered for the correct value of visibility autonumbers
    expect(parser.yy.showSequenceNumbers()).toBe(true);

    const str2 = `
@ -1685,6 +1688,7 @@ Note right of Bob: Bob thinks
 Bob-->Alice: I am good thanks!`;

    mermaidAPI.parse(str2);
+    renderer.draw(str2, 'tst');
    expect(parser.yy.showSequenceNumbers()).toBe(false);
  });
 });
--- a/src/diagrams/sequence/sequenceRenderer.js
+++ b/src/diagrams/sequence/sequenceRenderer.js
@ -329,7 +329,7 @@ const boundMessage = function (diagram, msgModel) {
 * @param {float} lineStarty - The Y coordinate at which the message line starts
 */
 const drawMessage = function (diagram, msgModel, lineStarty) {
-  const { startx, stopx, starty, message, type, sequenceIndex } = msgModel;
+  const { startx, stopx, starty, message, type, sequenceIndex, sequenceVisible } = msgModel;
  let textDims = utils.calculateTextDimensions(message, messageFont(conf));
  const textObj = svgDraw.getTextObj();
  textObj.x = startx;
@ -432,7 +432,7 @@ const drawMessage = function (diagram, msgModel, lineStarty) {
  }

  // add node number
-  if (sequenceDb.showSequenceNumbers() || conf.showSequenceNumbers) {
+  if (sequenceVisible || conf.showSequenceNumbers) {
    line.attr('marker-start', 'url(' + url + '#sequencenumber)');
    diagram
      .append('text')
@ -653,6 +653,7 @@ export const draw = function (text, id) {

  // Draw the messages/signals
  let sequenceIndex = 1;
+  let sequenceIndexStep = 1;
  let messagesToDraw = Array();
  messages.forEach(function (msg) {
    let loopModel, noteModel, msgModel;
@ -757,12 +758,19 @@ export const draw = function (text, id) {
        bounds.bumpVerticalPos(loopModel.stopy - bounds.getVerticalPos());
        bounds.models.addLoop(loopModel);
        break;
+      case parser.yy.LINETYPE.AUTONUMBER:
+        sequenceIndex = msg.message.start || sequenceIndex;
+        sequenceIndexStep = msg.message.step || sequenceIndexStep;
+        if (msg.message.visible) parser.yy.enableSequenceNumbers();
+        else parser.yy.disableSequenceNumbers();
+        break;
      default:
        try {
          // lastMsg = msg
          msgModel = msg.msgModel;
          msgModel.starty = bounds.getVerticalPos();
          msgModel.sequenceIndex = sequenceIndex;
+          msgModel.sequenceVisible = parser.yy.showSequenceNumbers();
          let lineStarty = boundMessage(diagram, msgModel);
          messagesToDraw.push({ messageModel: msgModel, lineStarty: lineStarty });
          bounds.models.addMessage(msgModel);
@ -784,7 +792,7 @@ export const draw = function (text, id) {
        parser.yy.LINETYPE.DOTTED_POINT,
      ].includes(msg.type)
    ) {
-      sequenceIndex++;
+      sequenceIndex = sequenceIndex + sequenceIndexStep;
    }
  });

--- a/src/mermaid.js
+++ b/src/mermaid.js
@ -30,6 +30,18 @@ import utils from './utils';
 * Renders the mermaid diagrams
 */
 const init = function () {
+  try {
+    initThrowsErrors();
+  } catch (e) {
+    log.warn('Syntax Error rendering');
+    log.warn(e);
+    if (this.parseError) {
+      this.parseError(e);
+    }
+  }
+};
+
+const initThrowsErrors = function () {
  const conf = mermaidAPI.getConfig();
  // console.log('Starting rendering diagrams (init) - mermaid.init', conf);
  let nodes;
@ -109,7 +121,6 @@ const init = function () {
      log.debug('Detected early reinit: ', init);
    }

-    try {
    mermaidAPI.render(
      id,
      txt,
@ -122,13 +133,6 @@ const init = function () {
      },
      element
    );
-    } catch (e) {
-      log.warn('Syntax Error rendering');
-      log.warn(e);
-      if (this.parseError) {
-        this.parseError(e);
-      }
-    }
  }
 };

--- a/src/mermaidAPI.js
+++ b/src/mermaidAPI.js
@ -62,6 +62,7 @@ import { log, setLogLevel } from './logger';
 import getStyles from './styles';
 import theme from './themes';
 import utils, { directiveSanitizer, assignWithDepth, sanitizeCss } from './utils';
+import DOMPurify from 'dompurify';

 /**
 * @param text
@ -80,9 +81,9 @@ function parse(text) {
  log.debug('Type ' + graphType);
  switch (graphType) {
    case 'gitGraph':
+      gitGraphAst.clear();
      parser = gitGraphParser;
      parser.parser.yy = gitGraphAst;
-      parser.parser.yy.clear();
      break;
    case 'flowchart':
      flowDb.clear();
@ -223,7 +224,7 @@ export const decodeEntities = function (text) {
 */
 const render = function (id, _txt, cb, container) {
  configApi.reset();
-  let txt = _txt;
+  let txt = _txt.replace(/\r\n?/g, '\n'); // parser problems on CRLF ignore all CR and leave LF;;
  const graphInit = utils.detectInit(txt);
  if (graphInit) {
    directiveSanitizer(graphInit);
@ -542,6 +543,13 @@ const render = function (id, _txt, cb, container) {
    )}" sandbox="allow-top-navigation-by-user-activation allow-popups">
  The “iframe” tag is not supported by your browser.
 </iframe>`;
+  } else {
+    if (cnf.securityLevel !== 'loose') {
+      svgCode = DOMPurify.sanitize(svgCode, {
+        ADD_TAGS: ['foreignobject'],
+        ADD_ATTR: ['dominant-baseline'],
+      });
+    }
  }

  if (typeof cb !== 'undefined') {
--- a/yarn.lock
+++ b/yarn.lock
@ -1501,19 +1501,19 @@
  resolved "https://registry.yarnpkg.com/@discoveryjs/json-ext/-/json-ext-0.5.6.tgz#d5e0706cf8c6acd8c6032f8d54070af261bbbb2f"
  integrity sha512-ws57AidsDvREKrZKYffXddNkyaF14iHNHm8VQnZH6t99E8gczjNN0GpvcGny0imC80yQ0tHz1xVUKk/KFQSUyA==

-"@es-joy/jsdoccomment@~0.22.1":
-  version "0.22.1"
-  resolved "https://registry.yarnpkg.com/@es-joy/jsdoccomment/-/jsdoccomment-0.22.1.tgz#3c86d458780231769215a795105bd3b03b2616f2"
-  integrity sha512-/WMkqLYfwCf0waCAMC8Eddt3iAOdghkDF5vmyKEu8pfO66KRFY1L15yks8mfgURiwOAOJpAQ3blvB3Znj6ZwBw==
+"@es-joy/jsdoccomment@~0.29.0":
+  version "0.29.0"
+  resolved "https://registry.yarnpkg.com/@es-joy/jsdoccomment/-/jsdoccomment-0.29.0.tgz#527c7eefadeaf5c5d0c3b2721b5fa425d2119e98"
+  integrity sha512-4yKy5t+/joLihG+ei6CCU6sc08sjUdEdXCQ2U+9h9VP13EiqHQ4YMgDC18ys/AsLdJDBX3KRx/AWY6PR7hn52Q==
  dependencies:
    comment-parser "1.3.1"
    esquery "^1.4.0"
-    jsdoc-type-pratt-parser "~2.2.5"
+    jsdoc-type-pratt-parser "~3.0.1"

-"@eslint/eslintrc@^1.2.1":
-  version "1.2.1"
-  resolved "https://registry.yarnpkg.com/@eslint/eslintrc/-/eslintrc-1.2.1.tgz#8b5e1c49f4077235516bc9ec7d41378c0f69b8c6"
-  integrity sha512-bxvbYnBPN1Gibwyp6NrpnFzA3YtRL3BBAyEAFVIpNTm2Rn4Vy87GA5M4aSn3InRrlsbX5N0GW7XIx+U4SAEKdQ==
+"@eslint/eslintrc@^1.2.2":
+  version "1.2.2"
+  resolved "https://registry.yarnpkg.com/@eslint/eslintrc/-/eslintrc-1.2.2.tgz#4989b9e8c0216747ee7cca314ae73791bb281aae"
+  integrity sha512-lTVWHs7O2hjBFZunXTZYnYqtB9GakA1lnxIf+gKq2nY5gxkkNi/lQvveW6t8gFdOHTg6nG50Xs95PrLqVpcaLg==
  dependencies:
    ajv "^6.12.4"
    debug "^4.3.2"
@ -2646,9 +2646,9 @@ astral-regex@^2.0.0:
  integrity sha512-Z7tMw1ytTXt5jqMcOP+OQteU1VuNK9Y02uuJtKQ1Sv69jXQKKg5cibLwGJow8yzZP+eAc18EmLGPal0bp36rvQ==

 async@^2.6.2:
-  version "2.6.3"
-  resolved "https://registry.yarnpkg.com/async/-/async-2.6.3.tgz#d72625e2344a3656e3a3ad4fa749fa83299d82ff"
-  integrity sha512-zflvls11DCy+dQWzTW2dzuilv8Z5X/pjfmZOWba6TNIVDm+2UDaJmXSOXlasHKfNBs8oo3M0aT50fDEWfKZjXg==
+  version "2.6.4"
+  resolved "https://registry.yarnpkg.com/async/-/async-2.6.4.tgz#706b7ff6084664cd7eae713f6f965433b5504221"
+  integrity sha512-mzo5dfJYwAn29PeiJ0zvwTo04zj8HDJj0Mn8TD7sno7q12prdbnasKJHhkm2c1LgrhlJ0teaea8860oxi51mGA==
  dependencies:
    lodash "^4.17.14"

@ -2704,9 +2704,9 @@ babel-jest@^27.0.6, babel-jest@^27.5.1:
    slash "^3.0.0"

 babel-loader@^8.2.2:
-  version "8.2.4"
-  resolved "https://registry.yarnpkg.com/babel-loader/-/babel-loader-8.2.4.tgz#95f5023c791b2e9e2ca6f67b0984f39c82ff384b"
-  integrity sha512-8dytA3gcvPPPv4Grjhnt8b5IIiTcq/zeXOPk4iTYI0SVXcsmuGg7JtBRDp8S9X+gJfhQ8ektjXZlDu1Bb33U8A==
+  version "8.2.5"
+  resolved "https://registry.yarnpkg.com/babel-loader/-/babel-loader-8.2.5.tgz#d45f585e654d5a5d90f5350a779d7647c5ed512e"
+  integrity sha512-OSiFfH89LrEMiWd4pLNqGz4CwJDtbs2ZVc+iGu2HrkRfPxId9F2anQj38IxWpmRfsUY0aBZYi1EFcd3mhtRMLQ==
  dependencies:
    find-cache-dir "^3.3.1"
    loader-utils "^2.0.0"
@ -3064,9 +3064,9 @@ camelcase@^6.2.0:
  integrity sha512-c7wVvbw3f37nuobQNtgsgG9POC9qMbNuMQmTCqZv23b6MIz0fcYpBiOlv9gEN/hdLdnZTDQhg6e9Dq5M1vKvfg==

 caniuse-lite@^1.0.30001286:
-  version "1.0.30001327"
-  resolved "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001327.tgz"
-  integrity sha512-1/Cg4jlD9qjZzhbzkzEaAC2JHsP0WrOc8Rd/3a3LuajGzGWR/hD7TVyvq99VqmTy99eVh8Zkmdq213OgvgXx7w==
+  version "1.0.30001332"
+  resolved "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001332.tgz"
+  integrity sha512-10T30NYOEQtN6C11YGg411yebhvpnC6Z102+B95eAsN0oB6KUs01ivE8u+G6FMIRtIrVlYXhL+LUwQ3/hXwDWw==

 caseless@~0.12.0:
  version "0.12.0"
@ -3799,10 +3799,10 @@ cypress-image-snapshot@^4.0.1:
    pkg-dir "^3.0.0"
    term-img "^4.0.0"

-cypress@9.5.3:
-  version "9.5.3"
-  resolved "https://registry.yarnpkg.com/cypress/-/cypress-9.5.3.tgz#7c56b50fc1f1aa69ef10b271d895aeb4a1d7999e"
-  integrity sha512-ItelIVmqMTnKYbo1JrErhsGgQGjWOxCpHT1TfMvwnIXKXN/OSlPjEK7rbCLYDZhejQL99PmUqul7XORI24Ik0A==
+cypress@9.5.4:
+  version "9.5.4"
+  resolved "https://registry.yarnpkg.com/cypress/-/cypress-9.5.4.tgz#49d9272f62eba12f2314faf29c2a865610e87550"
+  integrity sha512-6AyJAD8phe7IMvOL4oBsI9puRNOWxZjl8z1lgixJMcgJ85JJmyKeP6uqNA0dI1z14lmJ7Qklf2MOgP/xdAqJ/Q==
  dependencies:
    "@cypress/request" "^2.88.10"
    "@cypress/xvfb" "^1.2.4"
@ -4956,23 +4956,23 @@ eslint-plugin-html@^6.2.0:
    htmlparser2 "^7.1.2"

 eslint-plugin-jest@^26.0.0:
-  version "26.1.4"
-  resolved "https://registry.yarnpkg.com/eslint-plugin-jest/-/eslint-plugin-jest-26.1.4.tgz#8e3410093ff4439d0c3a371add5bf9e05623a57a"
-  integrity sha512-wgqxujmqc2qpvZqMFWCh6Cniqc8lWpapvXt9j/19DmBDqeDaYhJrSRezYR1SKyemvjx+9e9kny/dgRahraHImA==
+  version "26.1.5"
+  resolved "https://registry.yarnpkg.com/eslint-plugin-jest/-/eslint-plugin-jest-26.1.5.tgz#6cfca264818d6d6aa120b019dab4d62b6aa8e775"
+  integrity sha512-su89aDuljL9bTjEufTXmKUMSFe2kZUL9bi7+woq+C2ukHZordhtfPm4Vg+tdioHBaKf8v3/FXW9uV0ksqhYGFw==
  dependencies:
    "@typescript-eslint/utils" "^5.10.0"

 eslint-plugin-jsdoc@^39.1.0:
-  version "39.1.0"
-  resolved "https://registry.yarnpkg.com/eslint-plugin-jsdoc/-/eslint-plugin-jsdoc-39.1.0.tgz#dfe7b152ea1ce9e49457286fe3280f07d5bde060"
-  integrity sha512-KgpoLbeSEL3yv6T3QMErelPy+WFJSQkDoUOZTRmqCcsvQ4bmA02Vmw6WbC5cdYQ6P52iUIsAxtXTT66EF/Xzeg==
+  version "39.2.8"
+  resolved "https://registry.yarnpkg.com/eslint-plugin-jsdoc/-/eslint-plugin-jsdoc-39.2.8.tgz#09afbf581cdb5f1b65689201e693708c474d7a65"
+  integrity sha512-uZM+VIWRpwoaIMuuHW2XaMhQ6NXonDiXxKZ3ebgH7JmnBLElib4zln5Tqt3IjvZbS7eqQUOnQ1nM7D4JOk3erA==
  dependencies:
-    "@es-joy/jsdoccomment" "~0.22.1"
+    "@es-joy/jsdoccomment" "~0.29.0"
    comment-parser "1.3.1"
    debug "^4.3.4"
    escape-string-regexp "^4.0.0"
    esquery "^1.4.0"
-    semver "^7.3.6"
+    semver "^7.3.7"
    spdx-expression-parse "^3.0.1"

 eslint-plugin-markdown@^2.2.1:
@ -5023,11 +5023,11 @@ eslint-visitor-keys@^3.0.0, eslint-visitor-keys@^3.3.0:
  integrity sha512-mQ+suqKJVyeuwGYHAdjMFqjCyfl8+Ldnxuyp3ldiMBFKkvytrXUZWaiPCEav8qDHKty44bD+qV1IP4T+w+xXRA==

 eslint@^8.2.0:
-  version "8.13.0"
-  resolved "https://registry.yarnpkg.com/eslint/-/eslint-8.13.0.tgz#6fcea43b6811e655410f5626cfcf328016badcd7"
-  integrity sha512-D+Xei61eInqauAyTJ6C0q6x9mx7kTUC1KZ0m0LSEexR0V+e94K12LmWX076ZIsldwfQ2RONdaJe0re0TRGQbRQ==
+  version "8.14.0"
+  resolved "https://registry.yarnpkg.com/eslint/-/eslint-8.14.0.tgz#62741f159d9eb4a79695b28ec4989fcdec623239"
+  integrity sha512-3/CE4aJX7LNEiE3i6FeodHmI/38GZtWCsAtsymScmzYapx8q1nVVb+eLcLSzATmCPXw5pT4TqVs1E0OmxAd9tw==
  dependencies:
-    "@eslint/eslintrc" "^1.2.1"
+    "@eslint/eslintrc" "^1.2.2"
    "@humanwhocodes/config-array" "^0.9.2"
    ajv "^6.10.0"
    chalk "^4.0.0"
@ -7176,10 +7176,10 @@ jsbn@~0.1.0:
  resolved "https://registry.yarnpkg.com/jsbn/-/jsbn-0.1.1.tgz#a5e654c2e5a2deb5f201d96cefbca80c0ef2f513"
  integrity sha1-peZUwuWi3rXyAdls77yoDA7y9RM=

-jsdoc-type-pratt-parser@~2.2.5:
-  version "2.2.5"
-  resolved "https://registry.yarnpkg.com/jsdoc-type-pratt-parser/-/jsdoc-type-pratt-parser-2.2.5.tgz#c9f93afac7ee4b5ed4432fe3f09f7d36b05ed0ff"
-  integrity sha512-2a6eRxSxp1BW040hFvaJxhsCMI9lT8QB8t14t+NY5tC5rckIR0U9cr2tjOeaFirmEOy6MHvmJnY7zTBHq431Lw==
+jsdoc-type-pratt-parser@~3.0.1:
+  version "3.0.1"
+  resolved "https://registry.yarnpkg.com/jsdoc-type-pratt-parser/-/jsdoc-type-pratt-parser-3.0.1.tgz#ccbc7a4180bc8748af64d2cc431aaa92f88175bb"
+  integrity sha512-vqMCdAFVIiFhVgBYE/X8naf3L/7qiJsaYWTfUJZZZ124dR3OUz9HrmaMUGpYIYAN4VSuodf6gIZY0e8ktPw9cg==

 jsdom@^16.6.0:
  version "16.7.0"
@ -7318,10 +7318,10 @@ jsprim@^2.0.2:
    json-schema "0.4.0"
    verror "1.10.0"

-khroma@^1.4.1:
-  version "1.4.1"
-  resolved "https://registry.yarnpkg.com/khroma/-/khroma-1.4.1.tgz#ad6a5b6a972befc5112ce5129887a1a83af2c003"
-  integrity sha512-+GmxKvmiRuCcUYDgR7g5Ngo0JEDeOsGdNONdU2zsiBQaK4z19Y2NvXqfEDE0ZiIrg45GTZyAnPLVsLZZACYm3Q==
+khroma@^2.0.0:
+  version "2.0.0"
+  resolved "https://registry.yarnpkg.com/khroma/-/khroma-2.0.0.tgz#7577de98aed9f36c7a474c4d453d94c0d6c6588b"
+  integrity sha512-2J8rDNlQWbtiNYThZRvmMv5yt44ZakX+Tz5ZIp/mN1pt4snn+m030Va5Z4v8xA0cQFDXBwO/8i42xL4QPsVk3g==

 kind-of@^3.0.2, kind-of@^3.0.3, kind-of@^3.2.0:
  version "3.2.2"
@ -7426,9 +7426,9 @@ lines-and-columns@^1.1.6:
  integrity sha512-7ylylesZQ/PV29jhEDl3Ufjo6ZX7gCqJr5F7PKrqc93v7fzSymt1BpwEU8nAUXs8qzzvqhbjhK5QZg6Mt/HkBg==

 lint-staged@^12.1.2:
-  version "12.3.7"
-  resolved "https://registry.yarnpkg.com/lint-staged/-/lint-staged-12.3.7.tgz#ad0e2014302f704f9cf2c0ebdb97ac63d0f17be0"
-  integrity sha512-/S4D726e2GIsDVWIk1XGvheCaDm1SJRQp8efamZFWJxQMVEbOwSysp7xb49Oo73KYCdy97mIWinhlxcoNqIfIQ==
+  version "12.4.0"
+  resolved "https://registry.yarnpkg.com/lint-staged/-/lint-staged-12.4.0.tgz#1fb8c73ac7a1c670b87bd2c1bf1e302c866e77af"
+  integrity sha512-3X7MR0h9b7qf4iXf/1n7RlVAx+EzpAZXoCEMhVSpaBlgKDfH2ewf+QUm7BddFyq29v4dgPP+8+uYpWuSWx035A==
  dependencies:
    cli-truncate "^3.1.0"
    colorette "^2.0.16"
@ -7602,11 +7602,6 @@ lru-cache@^6.0.0:
  dependencies:
    yallist "^4.0.0"

-lru-cache@^7.4.0:
-  version "7.8.1"
-  resolved "https://registry.yarnpkg.com/lru-cache/-/lru-cache-7.8.1.tgz#68ee3f4807a57d2ba185b7fd90827d5c21ce82bb"
-  integrity sha512-E1v547OCgJvbvevfjgK9sNKIVXO96NnsTsFPBlg4ZxjhsJSODoH9lk8Bm0OxvHNm6Vm5Yqkl/1fErDxhYL8Skg==
-
 make-dir@^2.0.0, make-dir@^2.1.0:
  version "2.1.0"
  resolved "https://registry.yarnpkg.com/make-dir/-/make-dir-2.1.0.tgz#5f0310e18b8be898cc07009295a30ae41e91e6f5"
@ -8172,9 +8167,9 @@ moment-mini@^2.24.0:
  integrity sha512-9ARkWHBs+6YJIvrIp0Ik5tyTTtP9PoV0Ssu2Ocq5y9v8+NOOpWiRshAp8c4rZVWTOe+157on/5G+zj5pwIQFEQ==

 moment@^2.23.0:
-  version "2.29.2"
-  resolved "https://registry.yarnpkg.com/moment/-/moment-2.29.2.tgz#00910c60b20843bcba52d37d58c628b47b1f20e4"
-  integrity sha512-UgzG4rvxYpN15jgCmVJwac49h9ly9NurikMWGPdVxm8GZD6XjkKPxDTjQQ43gtGgnV3X0cAyWDdP2Wexoquifg==
+  version "2.29.3"
+  resolved "https://registry.yarnpkg.com/moment/-/moment-2.29.3.tgz#edd47411c322413999f7a5940d526de183c031f3"
+  integrity sha512-c6YRvhEo//6T2Jz/vVtYzqBzwvPT95JBQ+smCytzf7c50oMZRsR/a4w88aD34I+/QVSfnoAnSBFPJHItlOMJVw==

 mri@^1.1.0:
  version "1.2.0"
@ -8843,9 +8838,9 @@ prettier-linter-helpers@^1.0.0:
    fast-diff "^1.1.2"

 prettier-plugin-jsdoc@^0.3.30:
-  version "0.3.36"
-  resolved "https://registry.yarnpkg.com/prettier-plugin-jsdoc/-/prettier-plugin-jsdoc-0.3.36.tgz#fc860c38087da161614bd30962f8b8e03cfbe339"
-  integrity sha512-Sij6almwQyQSh4X8T9IOHz3qGkK5PBZrUtd7ywVUECUiXvz+pYAuXM4293ABmCyVA9SoFbUMggiX9EjJiAzhxA==
+  version "0.3.38"
+  resolved "https://registry.yarnpkg.com/prettier-plugin-jsdoc/-/prettier-plugin-jsdoc-0.3.38.tgz#b8adbe9efc1dc11f3cc5ff0b07e0233a0fdf533d"
+  integrity sha512-h81ZV/nFk5gr3fzWMWzWoz/M/8FneAZxscT7DVSy+5jMIuWYnBFZfSswVKYZyTaZ5r6+6k4hpFTDWhRp85C1tg==
  dependencies:
    binary-searching "^2.0.5"
    comment-parser "^1.3.1"
@ -9615,12 +9610,12 @@ semver@^6.0.0, semver@^6.1.1, semver@^6.1.2, semver@^6.3.0:
  resolved "https://registry.yarnpkg.com/semver/-/semver-6.3.0.tgz#ee0a64c8af5e8ceea67687b133761e1becbd1d3d"
  integrity sha512-b39TBaTSfV6yBrapU89p5fKekE2m/NwnDocOVruQFS1/veMgdzuPcnOM34M6CwxW8jH/lxEa5rBoDeUwu5HHTw==

-semver@^7.1.1, semver@^7.3.2, semver@^7.3.4, semver@^7.3.5, semver@^7.3.6:
-  version "7.3.6"
-  resolved "https://registry.yarnpkg.com/semver/-/semver-7.3.6.tgz#5d73886fb9c0c6602e79440b97165c29581cbb2b"
-  integrity sha512-HZWqcgwLsjaX1HBD31msI/rXktuIhS+lWvdE4kN9z+8IVT4Itc7vqU2WvYsyD6/sjYCt4dEKH/m1M3dwI9CC5w==
+semver@^7.1.1, semver@^7.3.2, semver@^7.3.4, semver@^7.3.5, semver@^7.3.7:
+  version "7.3.7"
+  resolved "https://registry.yarnpkg.com/semver/-/semver-7.3.7.tgz#12c5b649afdbf9049707796e22a4028814ce523f"
+  integrity sha512-QlYTucUYOews+WeEujDoEGziz4K6c47V/Bd+LjSSYcA94p+DmINdf7ncaUinThfvZyu13lN9OY1XDxt8C0Tw0g==
  dependencies:
-    lru-cache "^7.4.0"
+    lru-cache "^6.0.0"

 send@0.17.2:
  version "0.17.2"
@ -10209,9 +10204,9 @@ strip-json-comments@^3.1.0, strip-json-comments@^3.1.1:
  integrity sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig==

 stylis@^4.0.10:
-  version "4.1.0"
-  resolved "https://registry.yarnpkg.com/stylis/-/stylis-4.1.0.tgz#e3c7b24ff96d8af35efd161b6991a81c46e51933"
-  integrity sha512-SrSDzNasOCBTo7C2N9geFwydg/2bmdkWXd4gJirtq82m5JBYtR2+Ialck8czmfBLIdPxCOotlgJESPa8C1RqvA==
+  version "4.1.1"
+  resolved "https://registry.yarnpkg.com/stylis/-/stylis-4.1.1.tgz#e46c6a9bbf7c58db1e65bb730be157311ae1fe12"
+  integrity sha512-lVrM/bNdhVX2OgBFNa2YJ9Lxj7kPzylieHd3TNjuGE0Re9JB7joL5VUKOVH1kdNNJTgGPpT8hmwIAPLaSyEVFQ==

 subarg@^1.0.0:
  version "1.0.0"