feat: add plugin tooltip option prefixCls

[XiaoMing-xmg666]

fixes: #7153

[gemini-code-assist]

Summary of Changes

Hello @XiaoMing-xmg666, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request enhances the tooltip plugin by introducing a prefixCls option. This allows developers to define a custom CSS class prefix for tooltip elements, which is crucial for preventing styling conflicts and ensuring better integration within diverse application environments. The change includes updates to the plugin's core logic, new test cases, and comprehensive documentation.

Highlights

• New prefixCls Option for Tooltip Plugin: Introduced a prefixCls option in the TooltipOptions interface, allowing users to specify a custom class name prefix for tooltip elements, enhancing styling flexibility.
• Dynamic Styling with prefixCls: The tooltip's visibility styling now dynamically incorporates the provided prefixCls, enabling more flexible and isolated CSS management without conflicting with existing global styles.
• New Demo and Unit Test Coverage: A new demo (pluginTooltipPrefixClsEnable) and a corresponding unit test were added to demonstrate and verify the correct functionality and behavior of the prefixCls option.
• Documentation Updates: Both English and Chinese documentation for the Tooltip plugin have been updated to include comprehensive details about the new prefixCls option.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request introduces a prefixCls option to the tooltip plugin, allowing for customization of the CSS class prefix. The changes span the plugin's options, constructor, and style applications, and are supported by new tests and updated documentation. My main feedback is on the plugin's constructor, where the current option-merging logic could unintentionally override crucial default styles. I've suggested a more robust merging strategy to prevent this potential issue.

[gemini-code-assist]

The current implementation for combining options might lead to issues. Object.assign performs a shallow merge. If a user provides a style object in the options, it will completely overwrite the default style that sets visibility: 'hidden'. This could cause the tooltip to be visible by default, which is likely not the intended behavior and a regression for users customizing styles.

To fix this, I recommend using a deep merge for the options, especially for the style property. This ensures that user-provided styles are merged with the default styles, preserving the essential visibility: 'hidden' rule. You'll need to import deepMix from @antv/util at the top of the file.

Suggested change

	const combineOptions = Object.assign(
	{
	style: {
	[`.${options.prefixCls || ''}tooltip`]: {
	visibility: 'hidden',
	},
	},
	},
	Tooltip.defaultOptions,
	options,
	);
	super(context, combineOptions);
	const defaultStyledOptions = {
	style: {
	[`.${options.prefixCls || ''}tooltip`]: {
	visibility: 'hidden',
	},
	},
	};
	const finalOptions = deepMix({}, defaultStyledOptions, Tooltip.defaultOptions, options);
	super(context, finalOptions);

[Aarebecca]

@XiaoMing-xmg666 这里得改下 Object.assign 可能会意外覆盖 style

[codecov-commenter]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 95.59%. Comparing base (ef197c8) to head (d00a55d).
⚠️ Report is 14 commits behind head on v5.

Additional details and impacted files

@@           Coverage Diff           @@
##               v5    #7512   +/-   ##
=======================================
  Coverage   95.59%   95.59%           
=======================================
  Files         188      188           
  Lines        9888     9892    +4     
  Branches     2134     2137    +3     
=======================================
+ Hits         9452     9456    +4     
+ Misses        436      404   -32     
- Partials        0       32   +32     

Flag	Coverage Δ
g6	95.59% <100.00%> (+<0.01%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

Files with missing lines	Coverage Δ
packages/g6/src/plugins/tooltip.ts	80.28% <100.00%> (+0.57%)	⬆️

... and 12 files with indirect coverage changes

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[XiaoMing-xmg666]

[Aarebecca]

/gemini review

[gemini-code-assist]

Code Review

This pull request introduces a prefixCls option to the tooltip plugin for custom CSS class prefixes. However, a significant security vulnerability exists: the prefixCls string is not sanitized, which could lead to CSS Injection and Cross-Site Scripting (XSS) if exposed to untrusted input. Furthermore, the current option merging in the constructor uses a shallow merge, potentially causing user-provided styles to incorrectly overwrite default styles.

[gemini-code-assist]

The prefixCls option is used to construct a CSS selector key without any sanitization. This creates a potential CSS Injection and Cross-Site Scripting (XSS) vulnerability if an attacker can control this option, as they could inject malicious CSS rules. It is recommended to sanitize the input to allow only safe characters like alphanumeric characters, hyphens, and underscores.

Suggested change

	[`.${options.prefixCls || ''}tooltip`]: {
	[`.${(options.prefixCls || '').replace(/[^a-zA-Z0-9_-]/g, '')}tooltip`]: {

[gemini-code-assist]

Similar to the constructor, the show method uses the prefixCls option to construct a CSS selector without sanitization, which is vulnerable to CSS injection.

Suggested change

	[`.${this.options.prefixCls || ''}tooltip`]: {
	[`.${(this.options.prefixCls || '').replace(/[^a-zA-Z0-9_-]/g, '')}tooltip`]: {

[gemini-code-assist]

The prefixCls is passed to the component's template without sanitization. If the underlying TooltipComponent renders this value directly into the DOM (e.g., as a class name in an unescaped template), it could lead to Cross-Site Scripting (XSS). Sanitizing the prefix ensures it remains a safe string for DOM attributes.

Suggested change

	prefixCls: this.options.prefixCls || '',
	prefixCls: (this.options.prefixCls || '').replace(/[^a-zA-Z0-9_-]/g, ''),