A little plugin for Bootstrap 4 custom file input

Overview

bs-custom-file-input

npm version dependencies Status devDependencies Status Build Status Coverage Status JS gzip size BrowserStack Status

A little plugin which makes Bootstrap 4 custom file input dynamic with no dependencies.

You can use it on React and Angular too because this plugin is written with the most used JavaScript framework: VanillaJS.

Demo

Features:

  • Works with Bootstrap 4
  • Works without dependencies and jQuery
  • Display file name
  • Display file names for multiple input
  • Reset your custom file input to its initial state
  • Handle form reset
  • Allow custom selectors for input, and form
  • Allow to drag and drop files
  • Allow you to change the default display with a child in the <label> element
  • Built in UMD to be used everywhere
  • Small, only 2kb and less if you gzip it

Table of contents

Install

With npm

npm install bs-custom-file-input --save

CDN

CDN Link
jsDelivr https://cdn.jsdelivr.net/npm/bs-custom-file-input/dist/bs-custom-file-input.js
jsDelivr, minified https://cdn.jsdelivr.net/npm/bs-custom-file-input/dist/bs-custom-file-input.min.js

How to use it

You should wait for the document ready event and call the init method to make your custom file input dynamic. We expose one global variable available everywhere: bsCustomFileInput

$(document).ready(function () {
  bsCustomFileInput.init()
})

Use it with npm

import bsCustomFileInput from 'bs-custom-file-input'

For more examples check out this file.

This library is UMD ready so you can use it everywhere.

Methods

init

Finds your Bootstrap custom file input and will make them dynamic.

Parameters

  • inputSelector

    • default value: .custom-file input[type="file"]
    • type: string

    You can pass a custom input selector, but be sure to pass a file input selector

  • formSelector

    • default value: form
    • type: string

    Allows you to pass a custom form selector, but be sure to pass a form selector

destroy

Removes this plugin from your Bootstrap custom file input and restore them at their first initial state

Compatibility

bsCustomFileInput is compatible with:

  • IE10+
  • Edge
  • Firefox
  • Chrome
  • Safari
  • Chrome Android
  • Safari iOS

You can find our BrowserStack list of browsers here.

Support me

If you want to thank me, you can support me and become my Patron

Thanks

BrowserStack Logo

Thanks to BrowserStack for providing the infrastructure that allows us to test in real browsers!

License

MIT

Comments
  • Long file name -> broken UI

    Long file name -> broken UI

    If you select a file name which is very long, the file name is wrapped into a next line, however, the control is not resized accordingly which looks bad:

    image

    Here is a JSFiddle demonstrating the problem: https://jsfiddle.net/p0ck9hba/2/

    opened by drauch 15
  • Clear text on value clear

    Clear text on value clear

    If the input is cleared using something like: document.getElementById('fileInput').value = ''; The filename stays in place even though the underlying input has been cleared.

    help wanted feature 
    opened by tracerx 10
  • Does not show file name when browser back button has been pressed

    Does not show file name when browser back button has been pressed

    Today I ran into a bug when using your plugin. Steps to reproduce:

    1. Open a page with a form containing a bs-custom-file-input
    2. Select a file
    3. Submit the form, server-side redirects you to another pgae
    4. Press the browser's back button
    5. The page with the form is displayed again, observe the following:
    • The file is still selected - yep.
    • The tooltip still displays the file name - yep.
    • The file name is displayed in the "label" - nope.

    I guess that there is a missing update()/refresh() call.

    Please tell me whether you can (and will : D) fix it anytime soon, or if you'd need a PR for this or if you don't think it's a bug at all.

    Thanks for your nice plugin!

    Best regards, D.R.

    bug 
    opened by drauch 6
  • Multiple files & text overflow

    Multiple files & text overflow

    screenshot 2019-02-19 at 20 46 43

    I was able to remove the content out of the label with overflow: hidden; white-space: nowrap;. Using text-overflow: ellipsis; didn't work though. Is this something worth pursuing?

    source: https://www.codelord.net/2013/08/23/css-tip-overflowing-with-text/

    opened by mapreal19 6
  • Better default path

    Better default path

    At the moment C:\fakepath\filename.ext is generated in the input fields, this is a bit weird, especially on non-windows devices. I think it would be better to use the filename (and extension) as default like example 4 in the demo: https://rawgit.com/Johann-S/bs-custom-file-input/master/demo/index.html

    good first issue feature 
    opened by MartijnCuppens 6
  • Switch to GitHub Actions CI.

    Switch to GitHub Actions CI.

    Requires #56.

    Also:

    • [x] Needs BROWSER_STACK_ACCESS_KEY and BROWSER_STACK_USERNAME added in the repo secrets
    • [x] Branch protection rules need to be adapted
    • [x] Remove Travis CI from repo integrations/apps/hooks
    • [x] Enable delete HEAD branches
    • [x] Enable branches to be up to date
    • [ ] I've yet to find a way to skip the BrowserStack tests like before with [skip browser]
    opened by XhmikosR 5
  • Plugin doesn't appear to work with Vue

    Plugin doesn't appear to work with Vue

    Issue: This plugin doesn't appear to work when used alongside the Vue JavaScript library.

    Here's a demo illustrating the problem: https://codepen.io/d-at-pm/pen/bGNqZzb

    In this scenario the Bootstrap dependencies and the plugin are initialized before Vue is mounted into the DOM. Once a new file is selected the input label does not update with the new filename.

    It is worth mentioning that if the plugin itself is initialized after Vue is mounted to the DOM then it does work.

    This might not actually be an issue with this plugin itself and probably due to the way that Vue handles DOM nodes when initialized but I am curious if anyone else is aware of or has experienced this issue.

    opened by do-adams 2
  • chore(deps-dev): bump karma from 4.4.1 to 6.3.14

    chore(deps-dev): bump karma from 4.4.1 to 6.3.14

    Bumps karma from 4.4.1 to 6.3.14.

    Release notes

    Sourced from karma's releases.

    v6.3.14

    6.3.14 (2022-02-05)

    Bug Fixes

    • remove string template from client code (91d5acd)
    • warn when singleRun and autoWatch are false (69cfc76)
    • security: remove XSS vulnerability in returnUrl query param (839578c)

    v6.3.13

    6.3.13 (2022-01-31)

    Bug Fixes

    • deps: bump log4js to resolve security issue (5bf2df3), closes #3751

    v6.3.12

    6.3.12 (2022-01-24)

    Bug Fixes

    • remove depreciation warning from log4js (41bed33)

    v6.3.11

    6.3.11 (2022-01-13)

    Bug Fixes

    • deps: pin colors package to 1.4.0 due to security vulnerability (a5219c5)

    v6.3.10

    6.3.10 (2022-01-08)

    Bug Fixes

    • logger: create parent folders if they are missing (0d24bd9), closes #3734

    v6.3.9

    6.3.9 (2021-11-16)

    Bug Fixes

    • restartOnFileChange option not restarting the test run (92ffe60), closes #27 #3724

    ... (truncated)

    Changelog

    Sourced from karma's changelog.

    6.3.14 (2022-02-05)

    Bug Fixes

    • remove string template from client code (91d5acd)
    • warn when singleRun and autoWatch are false (69cfc76)
    • security: remove XSS vulnerability in returnUrl query param (839578c)

    6.3.13 (2022-01-31)

    Bug Fixes

    • deps: bump log4js to resolve security issue (5bf2df3), closes #3751

    6.3.12 (2022-01-24)

    Bug Fixes

    • remove depreciation warning from log4js (41bed33)

    6.3.11 (2022-01-13)

    Bug Fixes

    • deps: pin colors package to 1.4.0 due to security vulnerability (a5219c5)

    6.3.10 (2022-01-08)

    Bug Fixes

    • logger: create parent folders if they are missing (0d24bd9), closes #3734

    6.3.9 (2021-11-16)

    Bug Fixes

    • restartOnFileChange option not restarting the test run (92ffe60), closes #27 #3724

    6.3.8 (2021-11-07)

    Bug Fixes

    • reporter: warning if stack trace contains generated code invocation (4f23b14)

    ... (truncated)

    Commits
    • c97e562 chore(release): 6.3.14 [skip ci]
    • 91d5acd fix: remove string template from client code
    • 69cfc76 fix: warn when singleRun and autoWatch are false
    • 839578c fix(security): remove XSS vulnerability in returnUrl query param
    • db53785 chore(release): 6.3.13 [skip ci]
    • 5bf2df3 fix(deps): bump log4js to resolve security issue
    • 36ad678 chore(release): 6.3.12 [skip ci]
    • 41bed33 fix: remove depreciation warning from log4js
    • c985155 docs: create security.md
    • c96f0c5 chore(release): 6.3.11 [skip ci]
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 1
  • chore(deps): bump follow-redirects from 1.10.0 to 1.14.7

    chore(deps): bump follow-redirects from 1.10.0 to 1.14.7

    Bumps follow-redirects from 1.10.0 to 1.14.7.

    Commits
    • 2ede36d Release version 1.14.7 of the npm package.
    • 8b347cb Drop Cookie header across domains.
    • 6f5029a Release version 1.14.6 of the npm package.
    • af706be Ignore null headers.
    • d01ab7a Release version 1.14.5 of the npm package.
    • 40052ea Make compatible with Node 17.
    • 86f7572 Fix: clear internal timer on request abort to avoid leakage
    • 2e1eaf0 Keep Authorization header on subdomain redirects.
    • 2ad9e82 Carry over Host header on relative redirects (#172)
    • 77e2a58 Release version 1.14.4 of the npm package.
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 1
  • chore(deps): bump lodash from 4.17.15 to 4.17.19

    chore(deps): bump lodash from 4.17.15 to 4.17.19

    Bumps lodash from 4.17.15 to 4.17.19.

    Release notes

    Sourced from lodash's releases.

    4.17.16

    Commits
    Maintainer changes

    This version was pushed to npm by mathias, a new releaser for lodash since your current version.


    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 1
  • Bootstrap v5 compatibility

    Bootstrap v5 compatibility

    Hi, while updating and testing on of my sites to BS v5 alpha, I've experienced this library breaking due .custom-file is .form-file now.

    Too bad calling bsCustomFileInput.init('.form-file input[type="file"]') did not do the trick.

    What am I missing?

    Cheers midzer

    opened by midzer 1
  • Remove Source-Maps for Production Builds

    Remove Source-Maps for Production Builds

    Hi @Johann-S,

    I would be happy to have a version of production build files without source maps. These are not necessary for production, and we only keep included files in our deployment. This will result in warnings inside the console because of missing bs-custom-file-input.min.js.map

    https://github.com/Johann-S/bs-custom-file-input/blob/a4cb893188f06e94c811bac1e5c3682bb4b0e459/dist/bs-custom-file-input.min.js#L7

    Thank you so far for this wonderful plugin! 👌🏻

    opened by peter-neumann-dev 0
  • chore(deps): bump async from 2.6.3 to 2.6.4

    chore(deps): bump async from 2.6.3 to 2.6.4

    Bumps async from 2.6.3 to 2.6.4.

    Changelog

    Sourced from async's changelog.

    v2.6.4

    • Fix potential prototype pollution exploit (#1828)
    Commits
    Maintainer changes

    This version was pushed to npm by hargasinski, a new releaser for async since your current version.


    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • chore(deps-dev): bump karma from 4.4.1 to 6.3.16

    chore(deps-dev): bump karma from 4.4.1 to 6.3.16

    Bumps karma from 4.4.1 to 6.3.16.

    Release notes

    Sourced from karma's releases.

    v6.3.16

    6.3.16 (2022-02-10)

    Bug Fixes

    • security: mitigate the "Open Redirect Vulnerability" (ff7edbb)

    v6.3.15

    6.3.15 (2022-02-05)

    Bug Fixes

    v6.3.14

    6.3.14 (2022-02-05)

    Bug Fixes

    • remove string template from client code (91d5acd)
    • warn when singleRun and autoWatch are false (69cfc76)
    • security: remove XSS vulnerability in returnUrl query param (839578c)

    v6.3.13

    6.3.13 (2022-01-31)

    Bug Fixes

    • deps: bump log4js to resolve security issue (5bf2df3), closes #3751

    v6.3.12

    6.3.12 (2022-01-24)

    Bug Fixes

    • remove depreciation warning from log4js (41bed33)

    v6.3.11

    6.3.11 (2022-01-13)

    Bug Fixes

    • deps: pin colors package to 1.4.0 due to security vulnerability (a5219c5)

    ... (truncated)

    Changelog

    Sourced from karma's changelog.

    6.3.16 (2022-02-10)

    Bug Fixes

    • security: mitigate the "Open Redirect Vulnerability" (ff7edbb)

    6.3.15 (2022-02-05)

    Bug Fixes

    6.3.14 (2022-02-05)

    Bug Fixes

    • remove string template from client code (91d5acd)
    • warn when singleRun and autoWatch are false (69cfc76)
    • security: remove XSS vulnerability in returnUrl query param (839578c)

    6.3.13 (2022-01-31)

    Bug Fixes

    • deps: bump log4js to resolve security issue (5bf2df3), closes #3751

    6.3.12 (2022-01-24)

    Bug Fixes

    • remove depreciation warning from log4js (41bed33)

    6.3.11 (2022-01-13)

    Bug Fixes

    • deps: pin colors package to 1.4.0 due to security vulnerability (a5219c5)

    6.3.10 (2022-01-08)

    Bug Fixes

    • logger: create parent folders if they are missing (0d24bd9), closes #3734

    ... (truncated)

    Commits
    • ab4b328 chore(release): 6.3.16 [skip ci]
    • ff7edbb fix(security): mitigate the "Open Redirect Vulnerability"
    • c1befa0 chore(release): 6.3.15 [skip ci]
    • d9dade2 fix(helper): make mkdirIfNotExists helper resilient to concurrent calls
    • 653c762 ci: prevent duplicate CI tasks on creating a PR
    • c97e562 chore(release): 6.3.14 [skip ci]
    • 91d5acd fix: remove string template from client code
    • 69cfc76 fix: warn when singleRun and autoWatch are false
    • 839578c fix(security): remove XSS vulnerability in returnUrl query param
    • db53785 chore(release): 6.3.13 [skip ci]
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • chore(deps): bump follow-redirects from 1.10.0 to 1.14.8

    chore(deps): bump follow-redirects from 1.10.0 to 1.14.8

    Bumps follow-redirects from 1.10.0 to 1.14.8.

    Commits
    • 3d81dc3 Release version 1.14.8 of the npm package.
    • 62e546a Drop confidential headers across schemes.
    • 2ede36d Release version 1.14.7 of the npm package.
    • 8b347cb Drop Cookie header across domains.
    • 6f5029a Release version 1.14.6 of the npm package.
    • af706be Ignore null headers.
    • d01ab7a Release version 1.14.5 of the npm package.
    • 40052ea Make compatible with Node 17.
    • 86f7572 Fix: clear internal timer on request abort to avoid leakage
    • 2e1eaf0 Keep Authorization header on subdomain redirects.
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • chore(deps): bump ajv from 6.12.0 to 6.12.6

    chore(deps): bump ajv from 6.12.0 to 6.12.6

    Bumps ajv from 6.12.0 to 6.12.6.

    Release notes

    Sourced from ajv's releases.

    v6.12.6

    Fix performance issue of "url" format.

    v6.12.5

    Fix uri scheme validation (@​ChALkeR). Fix boolean schemas with strictKeywords option (#1270)

    v6.12.4

    Fix: coercion of one-item arrays to scalar that should fail validation (failing example).

    v6.12.3

    Pass schema object to processCode function Option for strictNumbers (@​issacgerges, #1128) Fixed vulnerability related to untrusted schemas (CVE-2020-15366)

    v6.12.2

    Removed post-install script

    v6.12.1

    Docs and dependency updates

    Commits
    • fe59143 6.12.6
    • d580d3e Merge pull request #1298 from ajv-validator/fix-url
    • fd36389 fix: regular expression for "url" format
    • 490e34c docs: link to v7-beta branch
    • 9cd93a1 docs: note about v7 in readme
    • 877d286 Merge pull request #1262 from b4h0-c4t/refactor-opt-object-type
    • f1c8e45 6.12.5
    • 764035e Merge branch 'ChALkeR-chalker/fix-comma'
    • 3798160 Merge branch 'chalker/fix-comma' of git://github.com/ChALkeR/ajv into ChALkeR...
    • a3c7eba Merge branch 'refactor-opt-object-type' of github.com:b4h0-c4t/ajv into refac...
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • chore(deps): bump pathval from 1.1.0 to 1.1.1

    chore(deps): bump pathval from 1.1.0 to 1.1.1

    Bumps pathval from 1.1.0 to 1.1.1.

    Release notes

    Sourced from pathval's releases.

    v1.1.1

    Fixes a security issue around prototype pollution.

    Commits
    • db6c3e3 chore: v1.1.1
    • 7859e0e Merge pull request #60 from deleonio/fix/vulnerability-prototype-pollution
    • 49ce1f4 style: correct rule in package.json
    • c77b9d2 fix: prototype pollution vulnerability + working tests
    • 49031e4 chore: remove very old nodejs
    • 57730a9 chore: update deps and tool configuration
    • a123018 Merge pull request #55 from chaijs/remove-lgtm
    • 07eb4a8 Delete MAINTAINERS
    • a0147cd Merge pull request #54 from astorije/patch-1
    • aebb278 Center repo name on README
    • Additional commits viewable in compare view
    Maintainer changes

    This version was pushed to npm by chai, a new releaser for pathval since your current version.


    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
Releases(v1.3.2)
Docusaurus-react-native-plugin - A plugin to enable React Native Web and Reanimated on Docusaurus.

Docusaurus React Native Plugin A plugin to enable React Native Web and Reanimated on Docusaurus. Installation yarn add @gorhom/docusaurus-react-native

Mo Gorhom 29 Apr 30, 2022
A csv file import button for react-admin

react-admin-import-csv CSV import button for the react-admin framework. Usage Simply import the button into a toolbar, like so: Basic Import Action On

Ben Winding 110 Sep 8, 2022
An NFT Marketplace React dApp demo on the Polygon blockchain with basic functionalities such as acquire and mint NFTs using ERC721 Smart Contract and Interplanetary File System IPFS.

Polygon-NFT-marketplace generated from jellydn/dapp-starter Opinionated Dapp Starter Template Homepage - Marketplace NFT Minting Features The React Fr

null 121 Sep 27, 2022
Simple File uploader using React , styled-components and firebase

Getting Started with Create React App This project was bootstrapped with Create React App. Available Scripts In the project directory, you can run: np

Daemon 1 Dec 30, 2021
Create-editorconfig - A simple npm script to generate an .editorconfig file

Create EditorConfig A simple npm script to generate an .editorconfig file. You d

Douglas Moura 7 Jul 5, 2022
logseq plugin boilerplate w/ React & Vite

logseq plugin boilerplate w/ React & Vite

Peng Xiao 49 Sep 18, 2022
An Afosto search client plugin for the open-source InstantSearch.js library

Afosto Instant Search Client This library is an Afosto search client plugin for

Afosto 5 Apr 19, 2022
A vite plugin for generating cross browser platform, ES module based web extensions.

@samrum/vite-plugin-web-extension A vite plugin for generating cross browser platform, ES module based web extensions. Features Manifest V2 & V3 Suppo

Ruben Medina 48 Sep 30, 2022
A react-bootstrap starter template with react-router

React Bootstrap Starter is a starter template for react and bootstrap created by Chris Achinga. This theme uses Create React App, react-bootstrap and gh-pages.

_chris 33 Oct 1, 2022
Volt React is a free and open source admin dashboard template built in React.js and based on the latest version of the Bootstrap 5

Volt React is a free and open source admin dashboard template built in React.js and based on the latest version of the Bootstrap 5 CSS framework. It features over 100 UI elements, plugins, and example based built with React components.

Themesberg 652 Sep 23, 2022
Light Bootstrap Dashboard React is an admin dashboard template designed to be beautiful and simple.

Light Bootstrap Dashboard React Light Bootstrap Dashboard React is an admin dashboard template designed to be beautiful and simple. It is built on top

Creative Tim 678 Sep 28, 2022
Free Open Source High Quality Dashboard based on Bootstrap 4 & React 16

Airframe React High Quality Dashboard / Admin / Analytics template that works great on any smartphone, tablet or desktop. Available as Open Source as

null 3.8k Sep 25, 2022
Datta Able Free Bootstrap 4 Admin Template

Datta Able Free Dashboard Template made using Bootstrap 4 framework, It is a free lite version of Datta Able Pro Dashboard Template that makes you fulfill your Dashboard needs.

CodedThemes 107 Sep 18, 2022
Black Dashboard React is a beautiful Bootstrap 4, Reacstrap and React (create-react-app) Admin Dashboard with a huge number of components built to fit together and look amazing.

Black Dashboard React Black Dashboard React is a beautiful Bootstrap 4, Reacstrap and React (create-react-app) Admin Dashboard with a huge number of c

Creative Tim 389 Sep 28, 2022
Now UI Kit React - Free Bootstrap 4, React, React Hooks and Reactstrap UI Kit

Now UI Kit React is a free Bootstrap 4, React, React Hooks and Reactstrap UI Kit provided for free by Invision and Creative Tim. It is a beautiful cross-platform UI kit featuring over 50 elements and 3 templates.

Creative Tim 124 Sep 22, 2022
CoreUI React is a free React admin template based on Bootstrap 5

CoreUI Free React Admin Template v4 CoreUI is meant to be the UX game changer. Pure & transparent code is devoid of redundant components, so the app i

CoreUI 3.9k Sep 26, 2022
CoreUI is free bootstrap admin template for react

CoreUI Free Bootstrap Admin Template For React

CoreUI 11.4k Sep 28, 2022
Build React Typescript Authentication and Authorization example using React Hooks, React Router, Axios and Bootstrap

React Typescript JWT authentication and authorization example with Hooks, React router, Axios - Role based authentication example

null 25 Jul 15, 2022
Kotaplate is web app template based on Create React App and Bootstrap 5

Kotaplate is web app template based on Create React App and Bootstrap 5

Asrul Hanafi 8 Jul 22, 2022