Research
Security News
Malicious npm Package Wipes Codebases with Remote Trigger
A malicious npm typosquat uses remote commands to silently delete entire project directories after a single mistyped install.
By Kush Pandya - May 30, 2025
🚀 Big News: Socket Acquires Coana to Bring Reachability Analysis to Every Appsec Team.Learn more →
- Maintainers
- 1
streamlit-shadcn-ui :construction:
Using shadcn-ui components in streamlit
Installation
pip install streamlit-shadcn-ui
example:
import streamlit_shadcn_ui as ui
trigger_btn = ui.button(text="Trigger Button", key="trigger_btn")
ui.alert_dialog(show=trigger_btn, title="Alert Dialog", description="This is an alert dialog", confirm_label="OK", cancel_label="Cancel", key="alert_dialog1")
Components
Check docs and compoenent examples in
- button
- checkbox
- select
- tabs
- card
- avatar
- date_picker
- date_range_picker (date_picker with mode="range")
- table
- input
- slider
- textarea
- switch
- radio_group
- alert_dialog
- hover_card
- badges
- link_button
One more thing
There is a new component in testing, it will allows you to nest all streamlit-shadcn-ui components together. It will not treat each component as an independent streamlit custom component in iframe, but parse the component structure as data and render them all at once in one iframe.
example (live demo):
with ui.card(key="card1"):
with ui.card(key="card2"):
ui.element("input", key="card2_input")
ui.element("button", key="card2_btn", text="Nest Submmit", variant="outline")
ui.element("button", key="card1_btn", text="Hello World")
Development Guide
There are several scripts in scripts folder to help you develop this project.
# For local development
./scripts/frontend.sh # frontend dev server
./scripts/dev.sh # streamlit dev server
This repo follows the streamlit custom component structure.
./streamlit_shadcn_uiis the python package./streamlit_shadcn_ui/componentsis the frontend mono repo./streamlit_shadcn_ui/components/packages/frontendis the custom components collection../streamlit_shadcn_ui/components/packages/streamlit-components-libis a patch of streamlit-components-lib for react 18 (For now, only the react/react-dom version is changed).
./streamlit_shadcn_ui/py_componentsis the python level API for components.
Reference
License
This repo is under MIT license. See LICENSE for details.
streamlit_shadcn_ui/components/packages/streamlit-components-lib is under its original Apache-2.0 license. It is a temporal patch for streamlit-components-lib in react 18.
Keywords
FAQs
Using shadcn components in Streamlit
We found that streamlit-shadcn-ui demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Security News
Monkey-Patched PyPI Packages Use Transitive Dependencies to Steal Solana Private Keys
Malicious PyPI package semantic-types steals Solana private keys via transitive dependency installs using monkey patching and blockchain exfiltration.
By Kirill Boychenko - May 29, 2025
Security News
OpenJS Foundation Is Now a CNA for 40+ JavaScript Projects Under Its Umbrella
New CNA status enables OpenJS Foundation to assign CVEs for security vulnerabilities in projects like ESLint, Fastify, Electron, and others, while leaving disclosure responsibility with individual maintainers.
By Sarah Gooding - May 29, 2025