Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
react-tagsinput
Advanced tools
Highly customizable React component for inputing tags.
import React from 'react'
import TagsInput from 'react-tagsinput'
import 'react-tagsinput/react-tagsinput.css'
class Example extends React.Component {
constructor() {
super()
this.state = {tags: []}
}
handleChange = (tags) => {
this.setState({tags})
}
render() {
return <TagsInput value={this.state.tags} onChange={this.handleChange} />
}
}
Look at react-tagsinput.css for a basic style.
An array of tags.
Callback when tags change, gets three arguments tags
which is the new
tag array, changed
which is an array of the tags that have changed and
changedIndexes
which is an array of the indexes that have changed.
Callback from the input box, gets one argument value
which is the content of the input box.
(onChangeInput is only called if the input box is controlled, for this to happen both inputValue and onChangeInput need to be set)
An array of keys or key codes that add a tag, default is [9, 13]
(Tab and Enter).
A string to set a value on the input.
Similar to currentValue
but needed for controlling the input box. (inputValue is only useful if you use it together with onChangeInput)
Allow only unique tags, default is false
.
Allow only tags that pass this validation function. Gets one argument tag
which is the tag to validate. Default is () => true
.
Allow only tags that pass this regex to be added. Default is /.*/
.
Callback when tags are rejected through validationRegex, passing array of tags as the argument.
Passes the disabled prop to renderInput
and renderTag
, by default this
will "disable" the component.
Allow limit number of tags, default is -1
for infinite.
Add a tag if input blurs. Default false.
Add a tags if HTML5 paste on input. Default false.
Function that splits pasted text. Default is:
function defaultPasteSplit (data) {
return data.split(' ').map(d => d.trim())
}
An array of key codes that remove a tag, default is [8]
(Backspace).
Specify the wrapper className. Default is react-tagsinput
.
Specify the class to add to the wrapper when the component is focused. Default is react-tagsinput--focused
.
Props passed down to every tag component. Default is:
{
className: 'react-tagsinput-tag',
classNameRemove: 'react-tagsinput-remove'
}
Props passed down to input. Default is:
{
className: 'react-tagsinput-input',
placeholder: 'Add a tag'
}
The tags' property to be used when displaying/adding one. Default is: null
which causes the tags to be an array of strings.
Render function for every tag. Default is:
function defaultRenderTag (props) {
let {tag, key, disabled, onRemove, classNameRemove, getTagDisplayValue, ...other} = props
return (
<span key={key} {...other}>
{getTagDisplayValue(tag)}
{!disabled &&
<a className={classNameRemove} onClick={(e) => onRemove(key)} />
}
</span>
)
}
Render function for input. Default is:
function defaultRenderInput (props) {
let {onChange, value, addTag, ...other} = props
return (
<input type='text' onChange={onChange} value={value} {...other} />
)
}
Note: renderInput also receives addTag
as a prop.
Renders the layout of the component. Takes tagElements
and inputElement
as args. Default is:
function defaultRenderLayout (tagElements, inputElement) {
return (
<span>
{tagElements}
{inputElement}
</span>
)
}
A boolean
to prevent the default submit event when adding an 'empty' tag.
Default: true
Set to false
if you want the default submit to fire when pressing enter again after adding a tag.
Focus on input element.
Blur input element.
Try to add whatever value is currently in input element.
Convenience method that adds a tag.
Clears the input value.
FAQs
Highly customizable React component for inputing tags
The npm package react-tagsinput receives a total of 58,569 weekly downloads. As such, react-tagsinput popularity was classified as popular.
We found that react-tagsinput demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.