Gathering detailed insights and metrics for restricted-input
Gathering detailed insights and metrics for restricted-input
Restrict <input>s to certain valid characters (e.g. formatting phone or card numbers)
Installations
npm install restricted-inputDeveloper
Developer Guide
BETA
Module System
CommonJS
Min. Node Version
Typescript Support
Yes
Node Version
18.18.2
NPM Version
9.8.1
Statistics
68 Stars
286 Commits
25 Forks
18 Watching
36 Branches
72 Contributors
Updated on 21 Nov 2024
Languages
TypeScript (66.06%)
JavaScript (25.81%)
HTML (7.68%)
Shell (0.45%)
Total Downloads
Cumulative downloads
Total Downloads
47,041,360
Last day
-12.8%
53,352
Compared to previous day
Last week
4.5%
278,812
Compared to previous week
Last month
23.4%
1,199,289
Compared to previous month
Last year
36.8%
11,395,169
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
1
Dev Dependencies
26
@types/jest@typescript-eslint/eslint-plugin@wdio/browserstack-service@wdio/cli@wdio/local-runner@wdio/mocha-framework@wdio/spec-reporter@wdio/syncbrowserifybrowserstack-localchaichokidar-clidotenveslinteslint-config-braintreeeslint-plugin-prettierexpressjestjest-environment-jsdomjsdocprettierts-jesttsifytypescriptuuidwebdriverio
Versions
Restricted Input
Allow restricted character sets in input elements.
Demo
Try the latest version of Restricted Input here.
Features
- Disallow arbitrary characters based on patterns
- Maintains caret position
- Format/Update on paste
- Works in IE11+
Development
Install dependencies
1nvm use # if you have node version manager installed 2npm i
Watch files and run demo server
1npm run development
This will start a server on port 3099 which can be overridden with the PORT env var.
Unit tests
The following command will run the linting task and the unit tests.
1npm test
Integration tests
We use Browserstack to automate end to end testing on Google Chrome, Safari, Firefox, Microsoft Edge, and Internet Explorer 11.
First, sign up for a free open source Browserstack account.
Copy the .env.example file to .env
1cp .env.example .env
Fill in the BROWSERSTACK_USERNAME and BROWSERSTACK_ACCESS_KEY environmental variables with your credentials:
1BROWSERSTACK_USERNAME=username 2BROWSERSTACK_ACCESS_KEY=access_key
To run the integration tests in Safari, Google Chrome, Firefox, IE11 and Microsoft Edge:
1npm run development # in another terminal window 2npm run test:integration
To run tests in only one browser, prefix the test command with an ONLY_BROWSERS env variable:
1# run only in edge browser 2ONLY_BROWSERS=edge npm run test:integration 3 4# run only in chrome browser 5ONLY_BROWSERS=chrome npm run test:integration 6 7# run only in ie 11 browser 8ONLY_BROWSERS=ie npm run test:integration 9 10# run only in safari browser 11ONLY_BROWSERS=safari npm run test:integration 12 13# run only in firefox browser 14ONLY_BROWSERS=firefox npm run test:integration
To run tests in certain browsers, prefix the test command with an ONLY_BROWSERS env variable, with each browser comma separated:
1# run only in edge and chrome browsers 2ONLY_BROWSERS=edge,chrome npm run test:integration
To run only certain tests, add the .only property before running the test:
1it.only('does something', function () {
Usage
1import RestrictedInput from "restricted-input"; 2 3const formattedCreditCardInput = new RestrictedInput({ 4 element: document.querySelector("#credit-card"), 5 pattern: "{{9999}} {{9999}} {{9999}} {{9999}}", 6});
Patterns
Patterns are a mixture of Placeholders and PermaChars.
Placeholder
A Placeholder is the part of the pattern that accepts user input based on some restrictions. A placeholder is defined in the pattern using two open curly brackets, the placeholder, followed by two closing curly brackets e.g. {{Abc123}}.
The patterns a Placeholder can be are:
- a single alpha character that matches the alpha regex
/[A-Za-z]/. e.g.{{C}}will match one alpha character. - a single digit that matches the digit regex
/[0-9]/. e.g.{{3}}will match one digit. - a
*character that matches/./. e.g.{{*}}will match the next character.
PermaChar
A PermaChar is the part of the pattern that is automatically inserted. PermaChars are defined in the pattern as any characters other than Placeholders.
Example patterns
Some example patterns with behavior are listed:
12{{3}}- Inserts
12. - Waits for a single digit from the user.
- Inserts
{{A}}BC- Waits for a single alpha from the user.
- Inserts
BC.
${{*2L}}E- Inserts
$. - Waits for any single character input from the user.
- Waits for a single digit from the user.
- Waits for a single alpha from the user.
- Inserts
E.
- Inserts
Paste Event
If an input is changed via a paste event, you may want to adjust the pattern before input formatting occurs. In this case, pass an onPasteEvent callback:
1const formattedCreditCardInput = new RestrictedInput({ 2 element: document.querySelector('#credit-card'), 3 pattern: '{{9999}} {{9999}} {{9999}} {{9999}}', 4 onPasteEvent: function (payload) { 5 var value = payload.unformattedInputValue; 6 7 if (requiresAmexPattern(value)) { 8 formattedCreditCardInput.setPattern('{{9999}} {{999999}} {{99999}}') 9 } else { 10 formattedCreditCardInput.setPattern('{{9999}} {{9999}} {{9999}} {{9999}}') 11 } 12 }) 13});
API
options
| Key | Type | Description |
|---|---|---|
| element | HTMLInputElement or HTMLTextAreaElement | A valid reference to an input or textarea DOM node |
| pattern | String | Pattern describing the allowed character set you wish for entry into corresponding field. See Patterns. |
| onPasteEvent | Function (optional) | A callback function to inspect the unformatted value of the input during a paste event. See Paste Event. |
Browser Support
Desktop
- Chrome (latest)
- Firefox (17+)
- Safari (8+)
- IE11 (desktop/metro)
- IE10 (desktop/metro)
- IE9
Browsers Where Formatting is Turned Off Automatically
Old versions of Samsung Android browsers are incompatible with formatting. These will not attempt to intercept the values and format the input.
TODO
- Improve jsdoc
- Add example guides/pages
No vulnerabilities found.
Reason
no binaries found in the repo
Reason
no dangerous workflow patterns detected
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
2 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q
Reason
Found 6/12 approved changesets -- score normalized to 5
Reason
4 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 3
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/ci-integration-tests.yml:1
- Warn: no topLevel permission defined: .github/workflows/ci-unit-tests.yml:1
- Info: no jobLevel write permissions found
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-integration-tests.yml:10: update your workflow using https://app.stepsecurity.io/secureworkflow/braintree/restricted-input/ci-integration-tests.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci-integration-tests.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/braintree/restricted-input/ci-integration-tests.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci-integration-tests.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/braintree/restricted-input/ci-integration-tests.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-integration-tests.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/braintree/restricted-input/ci-integration-tests.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci-integration-tests.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/braintree/restricted-input/ci-integration-tests.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-unit-tests.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/braintree/restricted-input/ci-unit-tests.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-unit-tests.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/braintree/restricted-input/ci-unit-tests.yml/main?enable=pin
- Warn: npmCommand not pinned by hash: .github/workflows/ci-integration-tests.yml:28
- Warn: npmCommand not pinned by hash: .github/workflows/ci-unit-tests.yml:17
- Info: 0 out of 4 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 3 third-party GitHubAction dependencies pinned
- Info: 0 out of 2 npmCommand dependencies pinned
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 25 are checked with a SAST tool
Score
4.4
/10
Last Scanned on 2024-11-25
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More