Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
flatpickr
Advanced tools
Flatpickr is a lightweight and powerful datetime picker library. It allows users to easily select dates, times, or date ranges with a simple and customizable interface. It is highly configurable and supports a wide range of options and plugins to enhance its functionality.
Basic Date Picker
This initializes a basic date picker on an input element with the ID 'datePicker'.
const flatpickr = require('flatpickr');
flatpickr('#datePicker', {});
Date Range Picker
This sets up a date range picker, allowing users to select a start and end date.
const flatpickr = require('flatpickr');
flatpickr('#dateRangePicker', { mode: 'range' });
Time Picker
This initializes a time picker without a calendar, allowing users to select a time.
const flatpickr = require('flatpickr');
flatpickr('#timePicker', { enableTime: true, noCalendar: true, dateFormat: 'H:i' });
Custom Date Format
This sets up a date picker with a custom date format (day-month-year).
const flatpickr = require('flatpickr');
flatpickr('#customFormatPicker', { dateFormat: 'd-m-Y' });
Disabling Specific Dates
This initializes a date picker that disables specific dates, preventing users from selecting them.
const flatpickr = require('flatpickr');
flatpickr('#disableDatesPicker', { disable: ['2023-10-10', '2023-10-20'] });
React DatePicker is a simple and reusable datepicker component for React. It offers similar functionalities to flatpickr but is specifically designed for React applications. It provides a more seamless integration with React's state management and lifecycle methods.
Pikaday is a lightweight JavaScript datepicker with no dependencies. It offers a minimalist approach to date picking and is highly customizable. Compared to flatpickr, Pikaday is more focused on simplicity and ease of use, but it may lack some of the advanced features and plugins available in flatpickr.
Air Datepicker is a lightweight, customizable, and dependency-free datepicker. It provides a wide range of options and configurations similar to flatpickr. However, it may not have as extensive plugin support as flatpickr.
Almost every large SPA or project involves date and time input. Browser's native implementations of those are inconsistent and limited in functionality. Most other libraries require you to pull in heavy dependencies like jQuery, Bootstrap, and moment.js. I wanted something that was good-looking out of the box, dependency-free, powerful, and extensible.
Feature overview:
flatpickr provides more functionality at a fraction of the size of other libraries.
IE9 and up, Edge, iOS Safari 6+, Chrome 8+, Firefox 6+
Demos and documentation: https://flatpickr.js.org
See also:
flatpickr will never change its license, pester users for donations, or engage in other user-hostile behavior.
Nevertheless, if you enjoyed working with this library or if its made your life easier, you can buy me a cup of coffee :)
FAQs
A lightweight, powerful javascript datetime picker
The npm package flatpickr receives a total of 793,858 weekly downloads. As such, flatpickr popularity was classified as popular.
We found that flatpickr demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.