
Research
/Security News
jscrambler npm Package Compromised in Supply Chain Attack
A compromised jscrambler npm release added a malicious preinstall hook that runs hidden native binaries on Linux, macOS, and Windows.
@react-native-solutions/form
Advanced tools
Form
npm install @react-native-solutions/form
import { FormProvider, FormAction, useForm, Validators } from '@react-native-solutions/form';
const config = {
validateOnChange: true,
fields: {
login: {
initialValue: '',
validate: {
any: [
'Login is bad :(',
[
({ value }) => value.includes('@'),
({ value }) => value.includes('+380'),
],
],
},
},
password: {
initialValue: '',
validate: {
every: [
['Password is too short', Validators.minLength(4)],
['Password is too long', Validators.maxLength(8)],
],
},
},
privacyPolicy: {
initialValue: false,
validate: {
only: [
'This should be checked!',
({ value }) => !!value,
],
},
},
},
};
const extractNativeText = ({ nativeEvent: { text } }) => ({
value: text,
});
function App() {
const SignInForm = useForm(config);
const { Fields } = SignInForm;
return (
<View style={styles.container}>
<FormProvider form={SignInForm} onSubmit={console.log}>
<Fields.LoginField
render={({ value, handleChange, validation }) => (
<>
<TextInput
style={styles.textField}
value={value}
onChange={handleChange(extractNativeText)}
/>
{!validation.valid && <Text>{validation.errors[0]}</Text>}
</>
)}
/>
<Fields.PasswordField
render={({ value, handleChange, validation }) => (
<>
<TextInput
style={styles.textField}
value={value}
onChange={handleChange(extractNativeText)}
/>
{!validation.valid && <Text>{validation.errors[0]}</Text>}
</>
)}
/>
<Fields.PrivacyPolicyField
render={({ value, handleChange, validation }) => (
<>
<Switch
onValueChange={handleChange}
value={value}
style={{ width: 20, height: 20 }}
/>
{!validation.valid && <Text>{validation.errors[0]}</Text>}
</>
)}
/>
<FormAction
render={(actions: FormStateActions) =>
actions && <Button title={'Sign In'} onPress={actions.submit} />
}
/>
</FormProvider>
</View>
);
}
useForm APIStores form state in a reducer, generates Fields according to given config
See all possible config options in usage example.
const EntireFromState = useForm(config);
const { Fields, state, reset, validate } = EntireFromState;
FormProvider APIProvides a context for Fields & FormAction.
Props:
form: FormState, result of useForm hook.onSubmit: Submit callback.Field APIGenerated field called like configured but in UpperCamelCase.
Takes the only one render prop which is a function.
const MyInput = ({ value, handleChange, validation }) => {
...
return <SomeJSX />
}
<FormProvider form={EntireFormState} onSubmit={handleSubmit}>
...
<Field.MyField render={MyInput} />
...
</FormProvider>
value - field valuehandleChange - a function to change field state, takes a StateExtractor as parametervalidation - field validation state. Object with valid: boolean and error: string[] propertiesState extractor is a function which helps to get the desired value from change event.
Takes any event from your input source and must return an object with value property.
Example for react-native TextInput onChange even:
const extractNativeText = ({ nativeEvent: { text } }) => ({
value: text,
});
// Somewhere in your input
<TextInput onChange={handleChange(extractNativeText)} />
If you haven't passed a StateExtractor to the handleChange it will treat upcoming event like a field value.
<TextInput onTextChange={handleChange} />
// Similar to
<TextInput onTextChange={handleChange(text => ({ value: text )})} />
FormAction APIA from action component.
<FormProvider form={EntireFormState} onSubmit={handleSubmit}>
...
<FormAction
render={({ submit }) => (
<Button label="submit" onPress={submit} />
)}
/>
...
</FormProvider>
MIT
FAQs
Form state management
The npm package @react-native-solutions/form receives a total of 13 weekly downloads. As such, @react-native-solutions/form popularity was classified as not popular.
We found that @react-native-solutions/form demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Research
/Security News
A compromised jscrambler npm release added a malicious preinstall hook that runs hidden native binaries on Linux, macOS, and Windows.

Research
/Security News
A malicious .NET package is typosquatting the Braintree SDK to steal live payment card data, merchant API keys, and host secrets from production apps.

Security News
/Research
Compromised Injective SDK npm version 1.20.21 exfiltrates wallet private keys and mnemonics through fake telemetry functionality.