Sanitize a BPMN for rendering?

Is it possible? / What are the minimal nodes in the xml required to render a BPMN but sanitize the configurations (task, gateways, listeners, etc). Pretty much everything except for element labels/titles.

Can this be done?

Use Case: You want to show the BPMN but it is shared with a unknown actor, therefore it must be a cleaned version that does not expose any configurations.

A simple proposal is to share the exported SVG only. That export contains only the visible bits but no technical insights (if you regard that as the configurations you’d like to strip). In fact, it is also hard to re-use for the unknown actor (if that is a requirement).

An alternative is to build your own sanitizer (i.e. by parsing the diagram with bpmn-moddle, traversing it, removing the confidential details and exporting a sanitized version).

These are two options I’d explore.

1 Like