security: fix some security vulnerabilities in GGEditor

[slievrly]

Signed-off-by: slievrly slievrly@163.com

• I have registered the PR changes.

Ⅰ. Describe what this PR did

fix some security vulnerabilities in GGEditor

Ⅱ. Does this pull request fix one issue?

The original PR could not be merged due to a CLA problem with the BOT, but the content was verified, so a new PR was submitted to solve the problem.

fixes #4796 #4576 #4464 #4412

Ⅲ. Why don't you add test cases (unit test/integration test)?

Ⅳ. Describe how to verify it

cd saga/seata-saga-statemachine-designer
npm install
npm start

visit: http://localhost:8080/#/

import json design

{
  "nodes": [
    {
      "type": "node",
      "size": "39*39",
      "shape": "flow-circle",
      "color": "red",
      "label": "Catch",
      "stateId": "Catch1",
      "stateType": "Catch",
      "x": 592,
      "y": 590,
      "id": "e5a3adea",
      "index": 3
    },
    {
      "type": "node",
      "size": "72*72",
      "shape": "flow-circle",
      "color": "#FA8C16",
      "label": "Start",
      "stateId": "Start1",
      "stateType": "Start",
      "stateProps": {
        "StateMachine": {
          "Name": "",
          "Comment": "",
          "Version": "0.0.1"
        }
      },
      "x": 528,
      "y": 194.5,
      "id": "c52c1eb1",
      "index": 8
    },
    {
      "type": "node",
      "size": "110*48",
      "shape": "flow-rect",
      "color": "#1890FF",
      "label": "inventory",
      "stateId": "ServiceTask1",
      "stateType": "ServiceTask",
      "stateProps": {
        "ServiceName": "",
        "ServiceMethod": "",
        "Input": [
          {}
        ],
        "Output": {},
        "Status": {},
        "Retry": []
      },
      "x": 528,
      "y": 298,
      "id": "9dc55222",
      "index": 9
    },
    {
      "type": "node",
      "size": "80*72",
      "shape": "flow-rhombus",
      "color": "#13C2C2",
      "label": "Choice",
      "stateId": "Choice1",
      "stateType": "Choice",
      "x": 528,
      "y": 437,
      "id": "684e8401",
      "index": 10
    },
    {
      "type": "node",
      "size": "72*72",
      "shape": "flow-circle",
      "color": "red",
      "label": "Fail",
      "stateId": "Fail1",
      "stateType": "Fail",
      "stateProps": {
        "ErrorCode": "",
        "Message": ""
      },
      "x": 779,
      "y": 457,
      "id": "7e88c6b9",
      "index": 11
    },
    {
      "type": "node",
      "size": "110*48",
      "shape": "flow-capsule",
      "color": "#722ED1",
      "label": "CompensateInventory",
      "stateId": "Compensation1",
      "stateType": "Compensation",
      "stateProps": {
        "ServiceName": "",
        "ServiceMethod": "",
        "Input": [
          {}
        ],
        "Output": {},
        "Status": {},
        "Retry": []
      },
      "x": 264,
      "y": 297.5,
      "id": "9701c0d0",
      "index": 12
    },
    {
      "type": "node",
      "size": "110*48",
      "shape": "flow-rect",
      "color": "#1890FF",
      "label": "Account",
      "stateId": "ServiceTask2",
      "stateType": "ServiceTask",
      "stateProps": {
        "ServiceName": "",
        "ServiceMethod": "",
        "Input": [
          {}
        ],
        "Output": {},
        "Status": {},
        "Retry": []
      },
      "x": 530,
      "y": 561,
      "id": "2b58fc29",
      "index": 13
    },
    {
      "type": "node",
      "size": "72*72",
      "shape": "flow-circle",
      "color": "#05A465",
      "label": "Succeed",
      "stateId": "Succeed1",
      "stateType": "Succeed",
      "x": 531.5,
      "y": 671,
      "id": "819d95af",
      "index": 14
    },
    {
      "type": "node",
      "size": "110*48",
      "shape": "flow-capsule",
      "color": "#722ED1",
      "label": "CompensateAccount",
      "stateId": "Compensation2",
      "stateType": "Compensation",
      "stateProps": {
        "ServiceName": "",
        "ServiceMethod": "",
        "Input": [
          {}
        ],
        "Output": {},
        "Status": {},
        "Retry": []
      },
      "x": 258,
      "y": 560.5,
      "id": "508e1241",
      "index": 15
    },
    {
      "type": "node",
      "size": "110*48",
      "shape": "flow-capsule",
      "color": "red",
      "label": "Compensation\nTrigger",
      "stateId": "CompensationTrigger1",
      "stateType": "CompensationTrigger",
      "x": 732,
      "y": 617,
      "id": "c4faa0db"
    }
  ],
  "edges": [
    {
      "source": "c52c1eb1",
      "sourceAnchor": 2,
      "target": "9dc55222",
      "targetAnchor": 0,
      "id": "aa78a5e5",
      "shape": "flow-polyline-round",
      "index": 0
    },
    {
      "source": "9dc55222",
      "sourceAnchor": 2,
      "target": "684e8401",
      "targetAnchor": 0,
      "id": "f4288b30",
      "shape": "flow-polyline-round",
      "index": 1
    },
    {
      "source": "684e8401",
      "sourceAnchor": 1,
      "target": "7e88c6b9",
      "targetAnchor": 3,
      "id": "c644bb2f",
      "shape": "flow-polyline-round",
      "stateProps": {
        "Expression": "",
        "Default": false
      },
      "index": 2
    },
    {
      "source": "9dc55222",
      "sourceAnchor": 3,
      "target": "9701c0d0",
      "targetAnchor": 1,
      "id": "c6d60337",
      "shape": "flow-polyline-round",
      "style": {
        "lineDash": "4",
        "endArrow": false
      },
      "type": "Compensation",
      "index": 4
    },
    {
      "source": "684e8401",
      "sourceAnchor": 2,
      "target": "2b58fc29",
      "targetAnchor": 0,
      "id": "edb1d7db",
      "shape": "flow-polyline-round",
      "stateProps": {
        "Expression": "",
        "Default": false
      },
      "index": 5
    },
    {
      "source": "2b58fc29",
      "sourceAnchor": 2,
      "target": "819d95af",
      "targetAnchor": 0,
      "id": "234f4656",
      "shape": "flow-polyline-round",
      "index": 6
    },
    {
      "source": "2b58fc29",
      "sourceAnchor": 3,
      "target": "508e1241",
      "targetAnchor": 1,
      "id": "b785f641",
      "shape": "flow-polyline-round",
      "style": {
        "lineDash": "4",
        "endArrow": false
      },
      "type": "Compensation",
      "index": 7
    },
    {
      "source": "e5a3adea",
      "sourceAnchor": 1,
      "target": "c4faa0db",
      "targetAnchor": 3,
      "id": "75205e32",
      "shape": "flow-polyline-round",
      "stateProps": {
        "Exceptions": [
          "java.lang.Throwable"
        ]
      }
    },
    {
      "source": "c4faa0db",
      "sourceAnchor": 1,
      "target": "7e88c6b9",
      "targetAnchor": 2,
      "id": "10d8268d",
      "shape": "flow-polyline-round"
    }
  ]
}

https://seata.io/saga_designer/index.html#/

apache/incubator-seata-website#483 (comment)

Ⅴ. Special notes for reviews

[codecov-commenter]

Codecov Report

Merging #4865 (5b13e11) into develop (e3af78e) will increase coverage by 0.00%.
The diff coverage is n/a.

❗ Current head 5b13e11 differs from pull request most recent head 5309a66. Consider uploading reports for the commit 5309a66 to get more accurate results

@@            Coverage Diff             @@
##             develop    #4865   +/-   ##
==========================================
  Coverage      49.16%   49.17%           
+ Complexity      4094     4091    -3     
==========================================
  Files            737      737           
  Lines          25750    25745    -5     
  Branches        3181     3180    -1     
==========================================
  Hits           12660    12660           
- Misses         11735    11736    +1     
+ Partials        1355     1349    -6     

Impacted Files	Coverage Δ
...n/src/main/java/io/seata/common/util/IdWorker.java	77.08% <0.00%> (-6.25%)	⬇️
...erver/storage/file/session/FileSessionManager.java	47.77% <0.00%> (-5.74%)	⬇️
...ava/io/seata/server/metrics/MetricsSubscriber.java	84.34% <0.00%> (-1.74%)	⬇️
...in/java/io/seata/server/session/SessionHelper.java	65.62% <0.00%> (-1.05%)	⬇️
...very/registry/zk/ZookeeperRegisterServiceImpl.java	61.76% <0.00%> (+0.73%)	⬆️
...o/seata/server/coordinator/DefaultCoordinator.java	48.57% <0.00%> (+0.81%)	⬆️
...in/java/io/seata/server/session/GlobalSession.java	82.17% <0.00%> (+1.16%)	⬆️
...r/console/impl/file/GlobalLockFileServiceImpl.java	97.43% <0.00%> (+2.56%)	⬆️
.../java/io/seata/server/coordinator/DefaultCore.java	53.61% <0.00%> (+4.81%)	⬆️
...rm/tcc/remoting/parser/LocalTCCRemotingParser.java	57.69% <0.00%> (+9.30%)	⬆️