Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
react-csv-importer
Advanced tools
This library combines an uploader + CSV parser + raw file preview + UI for custom user column mapping, all in one.
Use this to provide a typical bulk data import experience:
Try it in the live code sandbox
# using NPM
npm install --save react-csv-importer
# using Yarn
yarn add react-csv-importer
Make sure that the bundled CSS stylesheet (/dist/index.css
) is present in your app's page or bundle.
This package is easy to fork with your own customizations, and you can use your fork directly as a Git dependency in any of your projects, see below. For simple CSS customization you can also just override the built-in styling with your own style rules.
Render the React CSV Importer UI component where you need it in your app. This will present the upload widget to the user. After a file is selected and reviewed by the user, CSV file data is parsed in-browser and passed to your front-end code as a list of JSON objects. Each object will have fields corresponding to the columns that the user selected.
Large files (can be up to 1GB and more!) are parsed in chunks: return a promise from your data handler and the file reader will pause until you are ready for more data.
Instead of a custom CSV parser this library uses the popular Papa Parse CSV reader. Because the file reader runs in-browser, your backend (if you have one) never has to deal with raw CSV data.
import { Importer, ImporterField } from 'react-csv-importer';
// include the widget CSS file whichever way your bundler supports it
import 'react-csv-importer/dist/index.css';
// in your component code:
<Importer
dataHandler={async (rows, { startIndex }) => {
// required, may be called several times
// receives a list of parsed objects based on defined fields and user column mapping;
// (if this callback returns a promise, the widget will wait for it before parsing more data)
for (row of rows) {
await myAppMethod(row);
}
}}
defaultNoHeader={false} // optional, keeps "data has headers" checkbox off by default
restartable={false} // optional, lets user choose to upload another file when import is complete
onStart={({ file, preview, fields, columnFields }) => {
// optional, invoked when user has mapped columns and started import
prepMyAppForIncomingData();
}}
onComplete={({ file, preview, fields, columnFields }) => {
// optional, invoked right after import is done (but user did not dismiss/reset the widget yet)
showMyAppToastNotification();
}}
onClose={({ file, preview, fields, columnFields }) => {
// optional, if this is specified the user will see a "Finish" button after import is done,
// which will call this when clicked
goToMyAppNextPage();
}}
// CSV options passed directly to PapaParse if specified:
// delimiter={...}
// newline={...}
// quoteChar={...}
// escapeChar={...}
// comments={...}
// skipEmptyLines={...}
// delimitersToGuess={...}
// chunkSize={...} // defaults to 10000
// encoding={...} // defaults to utf-8, see FileReader API
>
<ImporterField name="name" label="Name" />
<ImporterField name="email" label="Email" />
<ImporterField name="dob" label="Date of Birth" optional />
<ImporterField name="postalCode" label="Postal Code" optional />
</Importer>;
In the above example, if the user uploads a CSV file with column headers "Name", "Email" and so on, the columns will be automatically matched to fields with same labels. If any of the headers do not match, the user will have an opportunity to manually remap columns to the defined fields.
The preview
object available to some callbacks above contains a snippet of CSV file information (only the first portion of the file is read, not the entire thing). The structure is:
{
rawData: '...', // raw string contents of first file chunk
columns: [ // array of preview columns, e.g.:
{ index: 0, header: 'Date', values: [ '2020-09-20', '2020-09-25' ] },
{ index: 1, header: 'Name', values: [ 'Alice', 'Bob' ] }
],
skipHeaders: false, // true when user selected that data has no headers
parseWarning: undefined, // any non-blocking warning object produced by Papa Parse
}
Importer component children may be defined as a render-prop function that receives an object with preview
and file
fields (see above). It can then, for example, dynamically return different fields depending which headers are present in the CSV.
For more, please see storybook examples.
You can swap the text used in the UI to a different locale.
import { Importer, deDE } from 'react-csv-importer';
// provide the locale to main UI
<Importer
locale={deDE}
// normal props, etc
/>
These locales are provided as part of the NPM module:
en-US
de-DE
it-IT
pt-BR
da-DK
tr-TR
You can also pass your own fully custom locale definition as the locale value. See ImporterLocale
interface in src/locale
for the full definition, and use an existing locale like en-US
as basis. For better performance, please ensure that the customized locale value does not change on every render.
Perform local git clone
, etc. Then ensure modules are installed:
yarn
To start Storybook to have a hot-reloaded local sandbox:
yarn storybook
To run the end-to-end test suite:
yarn test
You can use your own fork of this library in your own project by referencing the forked repo as a Git dependency. NPM will then run the prepare
script, which runs the same Webpack/dist command as when the NPM package is published, so your custom dependency should work just as conveniently as the stock NPM version. Of course if your custom fixes could be useful to the rest of us then please submit a PR to this repo!
displayColumnPageSize
, displayFieldRowSize
)FAQs
React CSV import widget with user-customizable mapping
We found that react-csv-importer demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.