Research
Security News
Threat Actor Exposes Playbook for Exploiting npm to Build Blockchain-Powered Botnets
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
@zag-js/pin-input
Advanced tools
@zag-js/pin-input is a package that provides a set of utilities to create accessible and customizable pin input components. It is part of the Zag.js library, which focuses on building state machines for UI components. This package allows developers to easily implement pin input fields with features like validation, focus management, and more.
Basic Pin Input Setup
This code demonstrates how to set up a basic pin input component using the @zag-js/pin-input package. It uses the `usePinInput` hook to manage the state and behavior of the pin input fields. The `getInputProps` function is used to spread the necessary props onto each input element, ensuring they are correctly managed.
import { usePinInput } from '@zag-js/pin-input';
const PinInputComponent = () => {
const { inputProps, getInputProps } = usePinInput({
id: 'pin-input',
onComplete: (value) => console.log('Pin complete:', value),
});
return (
<div>
<input {...getInputProps({ index: 0 })} />
<input {...getInputProps({ index: 1 })} />
<input {...getInputProps({ index: 2 })} />
<input {...getInputProps({ index: 3 })} />
</div>
);
};
Custom Validation
This example shows how to implement custom validation logic in a pin input component. The `validate` function checks if the entered pin is exactly 4 digits long and consists only of numbers. The `onComplete` callback is triggered when a valid pin is entered.
import { usePinInput } from '@zag-js/pin-input';
const PinInputWithValidation = () => {
const { inputProps, getInputProps } = usePinInput({
id: 'pin-input',
validate: (value) => value.length === 4 && !isNaN(Number(value)),
onComplete: (value) => console.log('Valid pin:', value),
});
return (
<div>
<input {...getInputProps({ index: 0 })} />
<input {...getInputProps({ index: 1 })} />
<input {...getInputProps({ index: 2 })} />
<input {...getInputProps({ index: 3 })} />
</div>
);
};
react-pin-input is a React component for creating pin input fields. It provides a simple API for setting up pin inputs with customizable length and styling options. Compared to @zag-js/pin-input, react-pin-input is more focused on providing a straightforward component without the state machine approach, making it easier to use for simple use cases but less flexible for complex state management.
react-code-input is another React component for creating code or pin input fields. It offers customization options for styling and input length. While it provides similar functionality to @zag-js/pin-input, it does not offer the same level of accessibility features and state management capabilities provided by the state machine approach of Zag.js.
Core logic for the pin-input widget implemented as a state machine
yarn add @zag-js/pin-input
# or
npm i @zag-js/pin-input
Yes please! See the contributing guidelines for details.
This project is licensed under the terms of the MIT license.
FAQs
Core logic for the pin-input widget implemented as a state machine
The npm package @zag-js/pin-input receives a total of 107,889 weekly downloads. As such, @zag-js/pin-input popularity was classified as popular.
We found that @zag-js/pin-input demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.