![Malicious npm Package Typosquats react-login-page to Deploy Keylogger](https://cdn.sanity.io/images/cgdhsj6q/production/007b21d9cf9e03ae0bb3f577d1bd59b9d715645a-1024x1024.webp?w=400&fit=max&auto=format)
Research
Security News
Malicious npm Package Typosquats react-login-page to Deploy Keylogger
Socket researchers unpack a typosquatting package with malicious code that logs keystrokes and exfiltrates sensitive data to a remote server.
@commercetools-uikit/multiline-text-input
Advanced tools
Readme
A controlled text input component for multi-line strings with validation states.
yarn add @commercetools-uikit/multiline-text-input
npm --save install @commercetools-uikit/multiline-text-input
Additionally install the peer dependencies (if not present)
yarn add react react-intl
npm --save install react react-intl
import MultilineTextInput from '@commercetools-uikit/multiline-text-input';
const Example = () => (
<MultilineTextInput
value="foo"
onChange={
(/** event */) => {
// alert(event.target.value)
}
}
/>
);
export default Example;
Props | Type | Required | Default | Description |
---|---|---|---|---|
name | string | Used as HTML name of the input component. property | ||
aria-invalid | boolean | Indicate if the value entered in the input is invalid. | ||
aria-errormessage | string | HTML ID of an element containing an error message related to the input. | ||
autoComplete | string | Used as HTML autocomplete property | ||
id | string | Used as HTML id property. An id is auto-generated when it is not specified. | ||
value | string | ✅ | Value of the input component. | |
onChange | ChangeEventHandler | Called with an event containing the new value. Required when input is not read only. Parent should pass it back as value. | ||
onBlur | FocusEventHandler | Called when input is blurred | ||
onFocus | FocusEventHandler | Called when input is focused | ||
isAutofocussed | boolean | Focus the input on initial render | ||
defaultExpandMultilineText | boolean | false | Expands multiline text input initially | |
isDisabled | boolean | Indicates that the input cannot be modified (e.g not authorized, or changes currently saving). | ||
isReadOnly | boolean | Indicates that the field is displaying read-only content | ||
placeholder | string | Placeholder text for the input | ||
hasError | boolean | Indicates that input has errors | ||
hasWarning | boolean | Control to indicate on the input if there are selected values that are potentially invalid | ||
horizontalConstraint | union Possible values: , 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 'scale', 'auto' | Horizontal size limit of the input fields. |
MultilineTextInput.isEmpty
Returns true
when the value is considered empty, which is when the value is empty or consists of spaces and linebreaks only.
MultilineTextInput.isEmpty(''); // -> true
MultilineTextInput.isEmpty(' '); // -> true
MultilineTextInput.isEmpty('\n'); // -> true
MultilineTextInput.isEmpty('tree'); // -> false
Whenever a user input can hold multiline strings this MultilineTextInput
component is recommended
Not recommended to be used when the content is single-lined (e.g email address, password etc.)
The horizontal constraint is not recommended to be smaller than s
since content may cut off
FAQs
Unknown package
The npm package @commercetools-uikit/multiline-text-input receives a total of 2,661 weekly downloads. As such, @commercetools-uikit/multiline-text-input popularity was classified as popular.
We found that @commercetools-uikit/multiline-text-input demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers unpack a typosquatting package with malicious code that logs keystrokes and exfiltrates sensitive data to a remote server.
Security News
The JavaScript community has launched the e18e initiative to improve ecosystem performance by cleaning up dependency trees, speeding up critical parts of the ecosystem, and documenting lighter alternatives to established tools.
Product
Socket now supports four distinct alert actions instead of the previous two, and alert triaging allows users to override the actions taken for all individual alerts.