Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Fast, flexible, and simple data tables in React (up to v16).
Reactable allows you to display tabular data client-side, and provides sorting, filtering, and pagination over that data. It uses the power of React.js to do all this very, very quickly, and provides an API that makes simple things easy, while trying to get out of your way as much as possible if you want to do something complicated or unconventional.
There might be hidden bugs lurking around any corner. I'll try to tag any releases with breaking changes.
Note: As of version 1.0.0 ownership of npm reactable package has transferred and linked to this repo as previous owner is no longer maintaining the project. Old issues can be found here. Feel free to submit new issues here.
npm install [--save] reactable
Or, you can just download the raw file here.
That file can be used either as an AMD module, as a CommonJS module in Node, or,
if neither are supported, will register the Reactable object as a property of
the window
object.
Reactable also exposes a set of CommonJS modules for piece-by-piece use with
Node, Webpack, Browserify, etc. These modules are located in the lib
folder
at the root of this repositiory.
Keep in mind that Reactable depends on React, which can be downloaded here
The simplest example:
// ES6
// import { Table } from "reactable";
var Table = Reactable.Table;
ReactDOM.render(
<Table className="table" data={[
{ Name: 'Griffin Smith', Age: 18 },
{ Age: 23, Name: 'Lee Salminen' },
{ Age: 28, Position: 'Developer' },
]} />,
document.getElementById('table')
);
While pretty basic, this example demonstrates a couple things:
<table>
toString()
methodYou can also manually build up your rows using Reactable.Tr
nested in a table,
also using the data
prop, but this time containing only one javascript object.
This approach can be freely combined with the data
property on the <Table>
,
and is useful if you want to specify per-row attributes such as classes, like so:
// ES6
// import { Table, Tr } from "reactable";
var Table = Reactable.Table,
Tr = Reactable.Tr;
ReactDOM.render(
<Table className="table" data={[
{ name: 'Row one', content: 'These are regular data rows' },
{ name: 'Row two', content: 'They work like above' },
]} >
<Tr className="special-row"
data={{ name: 'Other Row' , content: 'This is a different row' }} />
</Table>,
document.getElementById('table')
);
If you want to customize the rendering of individual columns, you can go a level
deeper by embedding a Reactable.Td
inside your Reactable.Tr
. These have the
required column
property, and an optional value
property if you want to
customize the data that's used for sorting and filtering - if the latter isn't
specified, the data used will default to the Td
's children.
Example:
// ES6
// import { Table, Tr, Td } from "reactable";
var Table = Reactable.Table,
Tr = Reactable.Tr,
Td = Reactable.Td;
ReactDOM.render(
<Table className="table" id="table">
<Tr>
<Td column="Name" data="Griffin Smith">
<b>Griffin Smith</b>
</Td>
<Td column="Age">18</Td>
</Tr>
<Tr>
<Td column="Name">Lee Salminen</Td>
<Td column="Age">23</Td>
</Tr>
<Tr>
<Td column="Position">Developer</Td>
<Td column="Age">28</Td>
</Tr>
</Table>,
document.getElementById('table')
);
To override inferring the column list from the attributes of the passed data
objects, you can either:
columns
array property to the <Table>
component, which can be
either:
key
and label
property.
The key
property is the attribute of the row object from which to retrieve
value, and the label
is the text to render in the column header row.<Thead>
component as the first child of the <Table>
, with
<Th>
components as children (note the exclusion of a <Tr>
here),
each of which should have a "column" property. The children of these <Th>
components (either strings or React components themselves) will be used to
render the table headers. For example:// ES6
// import { Table, Thead, Th, Tr, Td } from "reactable";
var Table = Reactable.Table,
Thead = Reactable.Thead,
Th = Reactable.Th,
Tr = Reactable.Tr,
Td = Reactable.Td;
ReactDOM.render(
<Table className="table" id="table">
<Thead>
<Th column="name">
<strong className="name-header">First Name, Last Name</strong>
</Th>
<Th column="age">
<em className="age-header">Age, years</em>
</Th>
</Thead>
<Tr>
<Td column="name" data="Griffin Smith">
<b>Griffin Smith</b>
</Td>
<Td column="age">18</Td>
</Tr>
<Tr>
<Td column="name">Lee Salminen</Td>
<Td column="age">23</Td>
</Tr>
<Tr>
<Td column="position">Developer</Td>
<Td column="age">28</Td>
</Tr>
</Table>,
document.getElementById('table')
);
In this example, the position
column will not be rendered.
Reactable also supports specifying a <tfoot>
for your table, via the
Reactable.Tfoot
class. Per the HTML spec, there can only be one <Tfoot>
per
table and its only children should be React.DOM <tr>
elements (not
<Reactable.Tr>
elements).
If you don't want to go all the way down the JSX rabbit hole to render
individual cells as HTML, and you know your source data is safe, you can wrap
strings in Reactable.unsafe
to prevent their content from being escaped, like
so:
var Table = Reactable.Table,
unsafe = Reactable.unsafe;
ReactDOM.render(
<Table className="table" id="table" data={[
{
'Name': unsafe('<b>Griffin Smith</b>'),
'Github': unsafe('<a href="https://github.com/glittershark"><img src="https://d2k1ftgv7pobq7.cloudfront.net/images/services/8cab38550d1f23032facde191031d024/github.png"></a>')
},
{
'Name': unsafe('<b>Ian Zhang</b>'),
'Github': unsafe('<a href="https://github.com/lofiinterstate"><img src="https://d2k1ftgv7pobq7.cloudfront.net/images/services/8cab38550d1f23032facde191031d024/github.png"></a>')
},
]}/>,
document.getElementById('table')
);
You can also pass in unsafe
strings as column labels or in a <Reactable.Th>
You can also use pagination, by just specifying an itemsPerPage
argument to
the <Table>
component. Include an optional pageButtonLimit
argument to
customize the number of page buttons in the pagination, which defaults to 10.
For example:
<Table className="table" data={[
{ Name: 'Griffin Smith', Age: '18' },
{ Age: '23', Name: 'Lee Salminen' },
{ Age: '28', Position: 'Developer' },
{ Name: 'Griffin Smith', Age: '18' },
{ Age: '30', Name: 'Test Person' },
{ Name: 'Another Test', Age: '26', Position: 'Developer' },
{ Name: 'Third Test', Age: '19', Position: 'Salesperson' },
{ Age: '23', Name: 'End of this Page', Position: 'CEO' },
]} itemsPerPage={4} pageButtonLimit={5} />
You can also change the default text on the buttons by including the
previousPageLabel
and nextPageLabel
props.
To enable sorting on all columns, just specify sortable={true}
on the
<Table>
component. For further customization, ie disabling sort or using a
custom sort function on a per-column basis, you can pass an array to sortable
,
which contains either string column names or column objects.
We've pre-built some sort functions for you.
CaseInsensitive
will sort strings alphabetically regardless of
capitalization (e.g. Joe Smith === joe smith)Date
will sort dates using JavaScript's native Date parser (e.g. 4/20/2014
12:05 PM)Currency
will sort USD format (e.g. $1,000.00)Numeric
will parse integer-like strings as integers (e.g. "1")NumericInteger
will parse integer strings (use Numeric
if you might have floats)To specify a custom sort function, use the following structure for the column object:
{column: 'Column Name', sortFunction: function(a, b){
return a > b ? 1 : -1;
}}
You can also specify a default sort by passing in either a column name by
itself, or an object with a column and a direction
paramenter of either asc
or desc
. If no direction is specified, the default sort will be ascending.
Example:
{column: 'Column Name', direction: 'asc' }
Combined example:
<Table className="table" id="table" data={[
{ Name: 'Lee Salminen', Age: '23', Position: 'Programmer'},
{ Name: 'Griffin Smith', Age: '18', Position: 'Engineer'},
{ Name: 'Ian Zhang', Age: '28', Position: 'Developer'}
]}
sortable={[
{
column: 'Name',
sortFunction: function(a, b){
// Sort by last name
var nameA = a.split(' ');
var nameB = b.split(' ');
return nameA[1].localeCompare(nameB[1]);
}
},
'Age',
'Position'
]}
defaultSort={{column: 'Age', direction: 'desc'}}/>
In case you are constructing your table without the data attribute, and the cells contain some additional HTML elements, you can use the value property on the Td element to define the value to sort for.
In the following example we define two TDs, where the first contains some additional markup. We tell the Td to take "Griffin Smith" as value for data handling (filter or sort).
// ES6
// import { Table, Tr, Td } from "reactable";
var Table = Reactable.Table,
Tr = Reactable.Tr,
Td = Reactable.Td;
ReactDOM.render(
<Table className="table" id="table" sortable={true}>
<Tr>
<Td column="Name" value="Griffin Smith">
<div>
<span>Some Text or Icon</span>
<b>Griffin Smith</b>
</div>
</Td>
<Td column="Age">18</Td>
</Tr>
</Table>,
document.getElementById('table')
);
There is also an boolean defaultSortDescending
option to default the sorting
of a column to descending when clicked:
<Table className="table" id="table" data={[
{ Name: 'Lee Salminen', Age: '23', Position: 'Programmer'},
{ Name: 'Griffin Smith', Age: '18', Position: 'Engineer'},
{ Name: 'Ian Zhang', Age: '28', Position: 'Developer'}
]}
sortable={[
'Age',
'Position'
]}
defaultSort={{column: 'Age', direction: 'desc'}}
defaultSortDescending
You can do simple case-insensitive filtering by specifying a filterable property on the table. This property should contain a list of columns which the filter is performed on. If the filterable property is provided, then an input box with class reactable-filter-input will be prepended to the thead of the table.
Example:
<Table className="table" id="table" data={[
{'State': 'New York', 'Description': 'this is some text', 'Tag': 'new'},
{'State': 'New Mexico', 'Description': 'lorem ipsum', 'Tag': 'old'},
{'State': 'Colorado',
'Description': 'new description that shouldn\'t match filter',
'Tag': 'old'},
{'State': 'Alaska', 'Description': 'bacon', 'Tag': 'renewed'},
]} filterable={['State', 'Tag']} />
There is also a filterBy()
function on the component itself which takes a
single string and applies that as the filtered value. It can be used like so:
var table = ReactDOM.render(
<Table className="table" id="table" data={[
{'State': 'New York', 'Description': 'this is some text', 'Tag': 'new'},
{'State': 'New Mexico', 'Description': 'lorem ipsum', 'Tag': 'old'},
{'State': 'Colorado',
'Description': 'new description that shouldn\'t match filter',
'Tag': 'old'},
{'State': 'Alaska', 'Description': 'bacon', 'Tag': 'renewed'},
]} filterable={['State', 'Tag']} />,
document.getElementById('table')
);
table.filterBy('new');
You can also pass in a filterBy
prop to control the filtering outside of the
Table
component:
var table = ReactDOM.render(
<Table className="table" id="table" data={[
{'State': 'New York', 'Description': 'this is some text', 'Tag': 'new'},
{'State': 'New Mexico', 'Description': 'lorem ipsum', 'Tag': 'old'},
{'State': 'Colorado',
'Description': 'new description that shouldn\'t match filter',
'Tag': 'old'},
{'State': 'Alaska', 'Description': 'bacon', 'Tag': 'renewed'},
]} filterable={['State', 'Tag']}
filterBy="new" />,
document.getElementById('table')
);
If you are using your own input field to control the filterBy
prop, you can
hide the build-in filter input field with the hideFilterInput
prop:
var table = ReactDOM.render(
<Table className="table" id="table" data={[
{'State': 'New York', 'Description': 'this is some text', 'Tag': 'new'},
{'State': 'New Mexico', 'Description': 'lorem ipsum', 'Tag': 'old'},
{'State': 'Colorado',
'Description': 'new description that shouldn\'t match filter',
'Tag': 'old'},
{'State': 'Alaska', 'Description': 'bacon', 'Tag': 'renewed'},
]} filterable={['State', 'Tag']}
filterBy="new"
hideFilterInput />,
document.getElementById('table')
);
These can be useful if you want to roll your own filtering input field outside of Reactable.
You can also provide your own custom filtering functions:
<Table className="table" id="table" data={[
{'State': 'New York', 'Description': 'this is some text', 'Tag': 'new'},
{'State': 'New Mexico', 'Description': 'lorem ipsum', 'Tag': 'old'},
{'State': 'Colorado',
'Description': 'new description that shouldn\'t match filter',
'Tag': 'old'},
{'State': 'Alaska', 'Description': 'bacon', 'Tag': 'renewed'},
]}
filterable={[
{
column: 'State',
filterFunction: function(contents, filter) {
// case-sensitive filtering
return (contents.indexOf(filter) > -1);
}
},
'Tag'
]} />
Your filter function must return a boolean. Refraining from specifying a custom filter function will default to case-insensitive filtering.
If the table is initialized without any <Tr>
s or with an empty array for
data
, you can display text in the body of the table by passing a string
for the optional noDataText
prop:
var table = ReactDOM.render(
<Table
className="table"
id="table" data={[]}
noDataText="No matching records found." />,
document.getElementById('table')
);
You can pass functions to the following props of <Reactable.Table>
to provide
event handlers.
Called when the sorting in the table changes.
This handler will be passed an object that contains the column name that is being sorted by, and the direction it is being sorted:
{
column: 'Name',
direction: -1
}
Called every time the filtering changes.
This handler will be passed a string containing the text that's being used for filtering.
Called every time the page changes.
This handler will be passed a number representing the current page, zero based.
FAQs
Fast, flexible, simple data tables in React
We found that reactable demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.