Sticky component for awesome React apps

Related tags

react-sticky
Overview

react-sticky Build Status

Make your React components sticky!

Update No longer actively maintained:

The 6.0.3 release is the last release maintained. This means we will not be considering any PR's and/or responding to any issues until a new maintainer is identified. It is highly recommended that you begin transitioning to another sticky library to ensure better support and sustainability. This is obviously less than ideal - sorry for any inconvenience!

Demos

Version 6.x Highlights

  • Completely redesigned to support sticky behavior via higher-order component, giving you ultimate control of implementation details
  • Features a minimal yet efficient API
  • Drops support for versions of React < 15.3. If you are using an earlier version of React, continue to use the 5.x series

CSS

There's a CSS alternative to react-sticky: the position: sticky feature. However it currently does not have full browser support, specifically a lack of IE11 support and some bugs with table elements. Before using react-sticky, check to see if the browser support and restrictions prevent you from using position: sticky, as CSS will always be faster and more durable than a JS implementation.

position: -webkit-sticky;
position: sticky;
top: 0;

Installation

npm install react-sticky

Overview & Basic Example

The goal of react-sticky is make it easier for developers to build UIs that have sticky elements. Some examples include a sticky navbar, or a two-column layout where the left side sticks while the right side scrolls.

react-sticky works by calculating the position of a <Sticky> component relative to a <StickyContainer> component. If it would be outside the viewport, the styles required to affix it to the top of the screen are passed as an argument to a render callback, a function passed as a child.

<StickyContainer>
  <Sticky>{({ style }) => <h1 style={style}>Sticky element</h1>}</Sticky>
</StickyContainer>

The majority of use cases will only need the style to pass to the DOM, but some other properties are passed for advanced use cases:

  • style (object) - modifiable style attributes to optionally be passed to the element returned by this function. For many uses, this will be the only attribute needed.
  • isSticky (boolean) - is the element sticky as a result of the current event?
  • wasSticky (boolean) - was the element sticky prior to the current event?
  • distanceFromTop (number) - number of pixels from the top of the Sticky to the nearest StickyContainer's top
  • distanceFromBottom (number) - number of pixels from the bottom of the Sticky to the nearest StickyContainer's bottom
  • calculatedHeight (number) - height of the element returned by this function

The Sticky's child function will be called when events occur in the parent StickyContainer, and will serve as the callback to apply your own logic and customizations, with sane style attributes to get you up and running quickly.

Full Example

Here's an example of all of those pieces together:

app.js

import React from 'react';
import { StickyContainer, Sticky } from 'react-sticky';
// ...

class App extends React.Component {
  render() {
    return (
      <StickyContainer>
        {/* Other elements can be in between `StickyContainer` and `Sticky`,
        but certain styles can break the positioning logic used. */}
        <Sticky>
          {({
            style,

            // the following are also available but unused in this example
            isSticky,
            wasSticky,
            distanceFromTop,
            distanceFromBottom,
            calculatedHeight
          }) => (
            <header style={style}>
              {/* ... */}
            </header>
          )}
        </Sticky>
        {/* ... */}
      </StickyContainer>
    );
  },
};

When the "stickiness" becomes activated, the arguments to the sticky function are modified. Similarly, when deactivated, the arguments will update accordingly.

<StickyContainer /> Props

<StickyContainer /> supports all valid <div /> props.

<Sticky /> Props

relative (default: false)

Set relative to true if the <Sticky /> element will be rendered within an overflowing <StickyContainer /> (e.g. style={{ overflowY: 'auto' }}) and you want the <Sticky /> behavior to react to events only within that container.

When in relative mode, window events will not trigger sticky state changes. Only scrolling within the nearest StickyContainer can trigger sticky state changes.

topOffset (default: 0)

Sticky state will be triggered when the top of the element is topOffset pixels from the top of the closest <StickyContainer />. Positive numbers give the impression of a lazy sticky state, whereas negative numbers are more eager in their attachment.

app.js

<StickyContainer>
  ...
  <Sticky topOffset={80}>
    { props => (...) }
  </Sticky>
  ...
</StickyContainer>

The above would result in an element that becomes sticky once its top is greater than or equal to 80px away from the top of the <StickyContainer />.

bottomOffset (default: 0)

Sticky state will be triggered when the bottom of the element is bottomOffset pixels from the bottom of the closest <StickyContainer />.

app.js

<StickyContainer>
  ...
  <Sticky bottomOffset={80}>
    { props => (...) }
  </Sticky>
  ...
</StickyContainer>

The above would result in an element that ceases to be sticky once its bottom is 80px away from the bottom of the <StickyContainer />.

disableCompensation (default: false)

Set disableCompensation to true if you do not want your <Sticky /> to apply padding to a hidden placeholder <div /> to correct "jumpiness" as attachment changes from position:fixed and back.

app.js

<StickyContainer>
  ...
  <Sticky disableCompensation>
    { props => (...) }
  </Sticky>
  ...
</StickyContainer>

disableHardwareAcceleration (default: false)

When disableHardwareAcceleration is set to true, the <Sticky /> element will not use hardware acceleration (e.g. transform: translateZ(0)). This setting is not recommended as it negatively impacts the mobile experience, and can usually be avoided by improving the structure of your DOM.

app.js

<StickyContainer>
  ...
  <Sticky disableHardwareAcceleration>
    { props => (...) }
  </Sticky>
  ...
</StickyContainer>

FAQ

I get errors while using React.Fragments

React.Fragments does not correspond to an actual DOM node, so react-sticky can not calculate its position. Because of this, React.Fragments is not supported.

Issues
  • Cannot read property 'getBoundingClientRect' of undefined

    Cannot read property 'getBoundingClientRect' of undefined

    I'm not sure how to reproduce it, but we just got a report for the above error on the line:

    https://github.com/captivationsoftware/react-sticky/blob/master/src/sticky.js#L69

    return this.refs.placeholder.getBoundingClientRect().top;
    
    opened by aaronjensen 34
  • Applying `translateZ(0px);` breaks all fixed child elements

    Applying `translateZ(0px);` breaks all fixed child elements

    After updating this package I found that my fixed-position mobile menus (children of the Sticky component) had broken.

    Turns out (according to http://stackoverflow.com/questions/2637058/positions-fixed-doesnt-work-when-using-webkit-transform) you cannot have fixed elements as children of transformed elements.

    the fixed position of an element is broken if you apply transform to any ancestor.

    Maybe something worth thinking about? I'm not sure if it's a specific issue itself, but thought I'd alert you.

    opened by dotbear 19
  • 'getBoundingClientRect' of null error when using together with react-router

    'getBoundingClientRect' of null error when using together with react-router

    I have nested StickyContainers. One global (that is available all the time) and two containers that are inside routes. When switching those two routes back and forth quickly, I will get the following error:

    Uncaught TypeError: Cannot read property 'getBoundingClientRect' of null
    

    in the following line: https://github.com/captivationsoftware/react-sticky/blob/43a370d2810215de1b7d9c7a5986d860c52206e1/src/Container.js#L47

    Seems like react-sticky is trying to access an unmounted(?) container and therefore is not getting the node.

    The StickyContainer inside the routes is wrapped inside a div (that is inside the route component):

    <Router render={() => (
      <div>
        <StickyContainer>
           // ...
         </StickyContainer>
      </div>
    )}>
    

    I guess the easiest solution for this is to wrap the code that throws the error with:

    if (this.node) {
      // ...
    }
    

    So this error doesn't happen anymore. For me it doesn't break the functionality, It just throws the error.

    Or maybe I have done something wrong with using the StickyContainer.

    Can you give me any feedback on this?

    bug 
    opened by tchock 16
  • Support React16

    Support React16

    opened by r-tock 15
  • Feature: sticky bottom (sticky footer) [WIP]

    Feature: sticky bottom (sticky footer) [WIP]

    Hello! I've implemented position property for sticky: now you can stick container to the bottom. Still no test cases, but if you like the feature I can add it.

    PR for #90

    opened by Dr-Nikson 15
  • Custom element for StickyContainer

    Custom element for StickyContainer

    I have a case where I need the sticky container to be a section, but don't want to have an extra wrapper around the content. Would it make sense to allow passing in a custom html tag as a prop?

    enhancement open discussion 
    opened by claudiamatosa 14
  • [Feature Request] Add the ability to turn off on mobile

    [Feature Request] Add the ability to turn off on mobile

    First off, want to say thanks and love this!

    Do you have any plans to create an option to disable sticky on mobile?

    Thanks,

    -Tim

    opened by timdoes 13
  • Also stick to bottom of StickyContainer

    Also stick to bottom of StickyContainer

    Hi there!

    Not sure if this project is still being maintained, but I was wondering if there is a way to the Sticky element to not only stick when you scroll past the top of the StickyContainer but also stick to the bottom of the StickyContainer too rather than jump back to it's original top position?

    Thanks :-)

    user support 
    opened by oldo 13
  • Fixed Safari iOS rubberband issue

    Fixed Safari iOS rubberband issue

    This addresses an issue with the "rubberband" effect on iOS causing positive offset values and wrongly determine the sticky state.

    opened by BowlingX 13
  • Add support for custom scroll containers

    Add support for custom scroll containers

    Fixes #146.

    Add scrollContainer prop to Sticky component to enable scrolling on non-window elements. This is useful during complex UI, where the scrollable element may not be the window.

    The scrollContainer param supports selectors or a node. The default value is window, so this change is backwards compatible.

    Usage:

    <div id="fixed-div" style={{position: 'fixed', height: '100vh', width: '100vh', overflowY: 'scroll'}}>
      <StickyContainer>
        <Sticky stickyContainer="#fixed-div">
          ...
        </Sticky>
        ...
      </StickyContainer >
    </div>
    

    Haven't documented, but have tested and works as expected.

    opened by chrisvxd 12
  • Bump url-parse from 1.4.4 to 1.5.3

    Bump url-parse from 1.4.4 to 1.5.3

    Bumps url-parse from 1.4.4 to 1.5.3.

    Commits
    • ad44493 [dist] 1.5.3
    • c798461 [fix] Fix host parsing for file URLs (#210)
    • 201034b [dist] 1.5.2
    • 2d9ac2c [fix] Sanitize only special URLs (#209)
    • fb128af [fix] Use 'null' as origin for non special URLs
    • fed6d9e [fix] Add a leading slash only if the URL is special
    • 94872e7 [fix] Do not incorrectly set the slashes property to true
    • 81ab967 [fix] Ignore slashes after the protocol for special URLs
    • ee22050 [ci] Use GitHub Actions
    • d2979b5 [fix] Special case the file: protocol (#204)
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • Bump tar from 4.4.8 to 4.4.19

    Bump tar from 4.4.8 to 4.4.19

    Bumps tar from 4.4.8 to 4.4.19.

    Commits
    • 9a6faa0 4.4.19
    • 70ef812 drop dirCache for symlink on all platforms
    • 3e35515 4.4.18
    • 52b09e3 fix: prevent path escape using drive-relative paths
    • bb93ba2 fix: reserve paths properly for unicode, windows
    • 2f1bca0 fix: prune dirCache properly for unicode, windows
    • 9bf70a8 4.4.17
    • 6aafff0 fix: skip extract if linkpath is stripped entirely
    • 5c5059a fix: reserve paths case-insensitively
    • fd6accb 4.4.16
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • Bump path-parse from 1.0.6 to 1.0.7

    Bump path-parse from 1.0.6 to 1.0.7

    Bumps path-parse from 1.0.6 to 1.0.7.

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • Bump set-getter from 0.1.0 to 0.1.1

    Bump set-getter from 0.1.0 to 0.1.1

    Bumps set-getter from 0.1.0 to 0.1.1.

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • Bump dns-packet from 1.3.1 to 1.3.4

    Bump dns-packet from 1.3.1 to 1.3.4

    Bumps dns-packet from 1.3.1 to 1.3.4.

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • Bump browserslist from 4.4.1 to 4.16.6

    Bump browserslist from 4.4.1 to 4.16.6

    Bumps browserslist from 4.4.1 to 4.16.6.

    Changelog

    Sourced from browserslist's changelog.

    4.16.6

    • Fixed npm-shrinkwrap.json support in --update-db (by Geoff Newman).

    4.16.5

    • Fixed unsafe RegExp (by Yeting Li).

    4.16.4

    • Fixed unsafe RegExp.
    • Added artifactory support to --update-db (by Ittai Baratz).

    4.16.3

    • Fixed --update-db.

    4.16.2

    4.16.1

    • Fixed Chrome 4 with mobileToDesktop (by Aron Woost).

    4.16

    • Add browserslist config query.

    4.15

    • Add TypeScript types (by Dmitry Semigradsky).

    4.14.7

    • Fixed Yarn Workspaces support to --update-db (by Fausto Núñez Alberro).
    • Added browser changes to --update-db (by @​AleksandrSl).
    • Added color output to --update-db.
    • Updated package.funding to have link to our Open Collective.

    4.14.6

    • Fixed Yarn support in --update-db (by Ivan Storck).
    • Fixed npm 7 support in --update-db.

    4.14.5

    • Fixed last 2 electron versions query (by Sergey Melyukov).

    4.14.4

    • Fixed Unknown version 59 of op_mob error.

    4.14.3

    • Update Firefox ESR.

    4.14.2

    • Fixed --update-db on Windows (by James Ross).
    • Improved --update-db output.

    4.14.1

    • Added --update-db explanation (by Justin Zelinsky).

    ... (truncated)

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • Bump lodash from 4.17.11 to 4.17.21

    Bump lodash from 4.17.11 to 4.17.21

    Bumps lodash from 4.17.11 to 4.17.21.

    Commits
    • f299b52 Bump to v4.17.21
    • c4847eb Improve performance of toNumber, trim and trimEnd on large input strings
    • 3469357 Prevent command injection through _.template's variable option
    • ded9bc6 Bump to v4.17.20.
    • 63150ef Documentation fixes.
    • 00f0f62 test.js: Remove trailing comma.
    • 846e434 Temporarily use a custom fork of lodash-cli.
    • 5d046f3 Re-enable Travis tests on 4.17 branch.
    • aa816b3 Remove /npm-package.
    • d7fbc52 Bump to v4.17.19
    • Additional commits viewable in compare view
    Maintainer changes

    This version was pushed to npm by bnjmnt4n, a new releaser for lodash since your current version.


    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • Bump ua-parser-js from 0.7.17 to 0.7.28

    Bump ua-parser-js from 0.7.17 to 0.7.28

    Bumps ua-parser-js from 0.7.17 to 0.7.28.

    Commits
    • 1d3c98a Revert breaking fix #279 and release as 0.7.28
    • 535f11b Delete redundant code
    • 642c039 Fix #492 LG TV WebOS detection
    • 3edacdd Merge branch 'master' into develop
    • acc0b91 Update contributor list
    • f726dcd Merge branch 'master' into develop
    • 383ca58 More test for tablet devices
    • 7c8aa43 Minor rearrangement
    • 09aa910 Add new device & browser: Tesla
    • 557cc21 More test for latest phones with unique form factor (fold/flip/qwerty/swivel)
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • Bump ssri from 6.0.1 to 6.0.2

    Bump ssri from 6.0.1 to 6.0.2

    Bumps ssri from 6.0.1 to 6.0.2.

    Changelog

    Sourced from ssri's changelog.

    6.0.2 (2021-04-07)

    Bug Fixes

    • backport regex change from 8.0.1 (b30dfdb), closes #19

    Commits
    Maintainer changes

    This version was pushed to npm by nlf, a new releaser for ssri since your current version.


    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • 'Sticky' is deprecated.

    'Sticky' is deprecated.

    I'm submitting a ...

    • [x] bug report
    • [ ] feature request
    • [ ] support request

    If you're reporting a bug, please provide a minimal demonstration of the problem

    bug report

    import Sticky fail, "'Sticky' is deprecated."

    import { StickyContainer, Sticky } from 'react-sticky';

    "react-sticky": {
          "version": "6.0.3",
          "resolved": "https://registry.npm.taobao.org/react-sticky/download/react-sticky-6.0.3.tgz",
          "integrity": "sha1-ehi2Q+GGPaET1/cDYRjSp12ezeQ=",
          "requires": {
            "prop-types": "^15.5.8",
            "raf": "^3.3.0"
          }
        }
    
    opened by menglingyu 1
Owner
Captivation Software
Captivation Software
A performant and comprehensive React sticky component.

react-stickynode A performant and comprehensive React sticky component. A sticky component wraps a sticky target and keeps the target in the viewport

Yahoo 945 Oct 14, 2021
Hide your header until you need it

react-headroom Hide your header until you need it. Demo http://kyleamathews.github.io/react-headroom Install npm install react-headroom Usage A simple

Kyle Mathews 1.6k Oct 21, 2021