Merge remote-tracking branch 'origin' into certification

.github/workflows/codeql.yml

@@ -0,0 +1,49 @@
+name: "CodeQL"
+
+on:
+  push:
+    branches: [main, dev, certification]
+  pull_request:
+    branches: [main, dev, certification]
+  schedule:
+    - cron: '0 0 * * 3'
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+    timeout-minutes: 60
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: ['typescript']
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v4
+      with:
+        fetch-depth: 2
+
+    - name: Use Node.js 18
+      uses: actions/setup-node@v2
+      with:
+        node-version: 18.x
+
+    - name: Install Dependencies
+      run: npm ci
+
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v3
+      with:
+        languages: ${{ matrix.language }}
+
+    - name: Autobuild
+      uses: github/codeql-action/autobuild@v3
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v3

CHANGELOG.md

@@ -1,4 +1,7 @@
 
+## 3.0.5.0
+* Fix bug with empty columns gradient when legend is disabled
+
 ## 3.0.4.0
 * Use selectionManager instead of interactivity utils
 * Add interactivity to legend

SECURITY.md

@@ -0,0 +1,41 @@
+<!-- BEGIN MICROSOFT SECURITY.MD V0.0.7 BLOCK -->
+
+## Security
+
+Microsoft takes the security of our software products and services seriously, which includes all source code repositories managed through our GitHub organizations, which include [Microsoft](https://github.com/Microsoft), [Azure](https://github.com/Azure), [DotNet](https://github.com/dotnet), [AspNet](https://github.com/aspnet), [Xamarin](https://github.com/xamarin), and [our GitHub organizations](https://opensource.microsoft.com/).
+
+If you believe you have found a security vulnerability in any Microsoft-owned repository that meets [Microsoft's definition of a security vulnerability](https://aka.ms/opensource/security/definition), please report it to us as described below.
+
+## Reporting Security Issues
+
+**Please do not report security vulnerabilities through public GitHub issues.**
+
+Instead, please report them to the Microsoft Security Response Center (MSRC) at [https://msrc.microsoft.com/create-report](https://aka.ms/opensource/security/create-report).
+
+If you prefer to submit without logging in, send email to [[email protected]](mailto:[email protected]).  If possible, encrypt your message with our PGP key; please download it from the [Microsoft Security Response Center PGP Key page](https://aka.ms/opensource/security/pgpkey).
+
+You should receive a response within 24 hours. If for some reason you do not, please follow up via email to ensure we received your original message. Additional information can be found at [microsoft.com/msrc](https://aka.ms/opensource/security/msrc). 
+
+Please include the requested information listed below (as much as you can provide) to help us better understand the nature and scope of the possible issue:
+
+  * Type of issue (e.g. buffer overflow, SQL injection, cross-site scripting, etc.)
+  * Full paths of source file(s) related to the manifestation of the issue
+  * The location of the affected source code (tag/branch/commit or direct URL)
+  * Any special configuration required to reproduce the issue
+  * Step-by-step instructions to reproduce the issue
+  * Proof-of-concept or exploit code (if possible)
+  * Impact of the issue, including how an attacker might exploit the issue
+
+This information will help us triage your report more quickly.
+
+If you are reporting for a bug bounty, more complete reports can contribute to a higher bounty award. Please visit our [Microsoft Bug Bounty Program](https://aka.ms/opensource/security/bounty) page for more details about our active programs.
+
+## Preferred Languages
+
+We prefer all communications to be in English.
+
+## Policy
+
+Microsoft follows the principle of [Coordinated Vulnerability Disclosure](https://aka.ms/opensource/security/cvd).
+
+<!-- END MICROSOFT SECURITY.MD BLOCK -->

package.json

@@ -1,6 +1,6 @@
 {
   "name": "powerbi-visuals-tornadochart",
-  "version": "3.0.4.0",
+  "version": "3.0.5.0",
   "author": {
     "name": "Microsoft",
     "email": "[email protected]"

pbiviz.json

@@ -1,10 +1,10 @@
 {
   "visual": {
     "name": "TornadoChart",
-    "displayName": "Tornado 3.0.4.0",
+    "displayName": "Tornado 3.0.5.0",
     "guid": "TornadoChart1452517688218",
     "visualClassName": "TornadoChart",
-    "version": "3.0.4.0",
+    "version": "3.0.5.0",
     "description": "A bar chart with category values listed vertically. Use for comparing the relative importance of a variable between two distinct groups.",
     "supportUrl": "https://community.powerbi.com",
     "gitHubUrl": "https://github.com/Microsoft/PowerBI-visuals-Tornado"

src/TornadoChart.ts

@@ -1029,50 +1029,52 @@ export class TornadoChart implements IVisual {
     }
 
     private renderLegend(): void {
-        const formattingSettings: TornadoChartSettingsModel = this.formattingSettings;
-        if (formattingSettings.legendCardSettings.show.value) {
+        const legendSettings: LegendCardSettings = this.formattingSettings.legendCardSettings;
+        if (legendSettings.show.value) {
 
             const legend: LegendData = this.dataView.legend;
             if (!legend) {
                 return;
             }
 
-            const legendLabelsColor: string = formattingSettings.legendCardSettings.labelColor.value.value;
+            const legendLabelsColor: string = legendSettings.labelColor.value.value;
             const legendData: LegendData = {
                 title: legend.title,
                 dataPoints: legend.dataPoints,
-                fontSize: formattingSettings.legendCardSettings.font.fontSize.value,
-                fontFamily: formattingSettings.legendCardSettings.font.fontFamily.value,
+                fontSize: legendSettings.font.fontSize.value,
+                fontFamily: legendSettings.font.fontFamily.value,
                 labelColor: this.colorHelper.isHighContrast ? this.colorHelper.getHighContrastColor("foreground", legendLabelsColor) : legendLabelsColor
             };
 
             if (this.dataView.legendObjectProperties) {
                 LegendDataModule.update(legendData, this.dataView.legendObjectProperties);
 
-                const position = this.formattingSettings.legendCardSettings.positionDropdown.value.value;
+                const position = legendSettings.positionDropdown.value.value;
 
                 if (position) {
                     this.legend.changeOrientation(LegendPosition[position]);
                 }
             }
 
             this.legend.drawLegend(legendData, { ...this.viewport });
-            this.legendItems = this.legendSelection.selectAll(TornadoChart.LegendItemSelector.selectorName);
-
-            this.legendSelection.selectAll("text")
-                .style("font-weight",  () => this.formattingSettings.legendCardSettings.font.bold.value ? "bold" : "normal")
-                .style("font-style",  () => this.formattingSettings.legendCardSettings.font.italic.value ? "italic" : "normal")
-                .style("text-decoration", () => this.formattingSettings.legendCardSettings.font.underline.value ? "underline" : "none");
 
-            if (legendData.dataPoints.length > 0 && formattingSettings.legendCardSettings.show.value) {
+            if (legendData.dataPoints.length > 0 && legendSettings.show.value) {
                 this.updateViewport();
             }
         }
         else {
             this.legend.reset();
             this.legend.drawLegend({ dataPoints: [] }, this.viewport);
         }
-        TornadoChart.SetPositionsDependingOnLegend(this.rootContainer, formattingSettings.legendCardSettings, this.legend);
+
+        this.legendItems = this.legendSelection.selectAll(TornadoChart.LegendItemSelector.selectorName);
+
+        this.legendSelection.selectAll("text")
+            .style("font-weight",  () => legendSettings.font.bold.value ? "bold" : "normal")
+            .style("font-style",  () => legendSettings.font.italic.value ? "italic" : "normal")
+            .style("text-decoration", () => legendSettings.font.underline.value ? "underline" : "none");
+
+        TornadoChart.SetPositionsDependingOnLegend(this.rootContainer, legendSettings, this.legend);
     }
 
     public static SetPositionsDependingOnLegend(chartArea: HTMLElement, legendSettings: LegendCardSettings, legend: ILegend): void{