Gathering detailed insights and metrics for tmp-hot-react
Gathering detailed insights and metrics for tmp-hot-react
JavaScript Data Grid / Data Table with a Spreadsheet Look & Feel. Works with React, Angular, and Vue. Supported by the Handsontable team ⚡
Installations
npm install tmp-hot-reactDeveloper Guide
BETA
Typescript
Yes
Module System
CommonJS, ESM
Node Version
16.15.0
NPM Version
8.5.5
Releases
218
Languages
6
JavaScript
TypeScript
SCSS
CSS
Vue
EJS
JavaScript (92.68%)
TypeScript (5.59%)
SCSS (1.14%)
CSS (0.37%)
Vue (0.2%)
EJS (0.01%)
Developer
Download Statistics
Total Downloads
0
Last Day
0
Last Week
0
Last Month
0
Last Year
0
GitHub Statistics
NOASSERTION License
21,173 Stars
8,847 Commits
3,167 Forks
457 Watchers
158 Branches
136 Contributors
Updated on Jul 11, 2025
Maintainers
1
Package Meta Information
Latest Version
0.0.0-next-24ebe76-20221024
Package Id
tmp-hot-react@0.0.0-next-24ebe76-20221024
Unpacked Size
513.90 kB
Size
148.61 kB
File Count
18
NPM Version
8.5.5
Node Version
16.15.0
Total Downloads
Cumulative downloads
Total Downloads
NaN
Last Day
0%
NaN
Compared to previous day
Last Week
0%
NaN
Compared to previous week
Last Month
0%
NaN
Compared to previous month
Last Year
0%
NaN
Compared to previous year
Weekly Downloads
Monthly Downloads
Yearly Downloads
Peer Dependencies
1
Dev Dependencies
34
@babel/cli@babel/core@babel/plugin-proposal-class-properties@babel/plugin-transform-runtime@babel/polyfill@babel/preset-env@babel/preset-react@babel/preset-typescript@babel/runtime@types/react@types/react-dom@types/react-reduxbabel-corecpy-clicross-envdel-clitmp-hotjestprop-typesreactreact-domreact-reduxreduxrolluprollup-plugin-aliasrollup-plugin-babelrollup-plugin-commonjsrollup-plugin-jsonrollup-plugin-node-resolverollup-plugin-replacerollup-plugin-terserrollup-plugin-typescript2typescriptuglify-js
Data Grid for React 
Handsontable's wrapper for React combines data grid features with spreadsheet-like UX.
It provides data binding, data validation, filtering, sorting, and CRUD operations.
Features
The most popular features of Handsontable for React:
✓ Multiple column sorting
✓ Non-contiguous selection
✓ Filtering data
✓ Export to file
✓ Validating data
✓ Conditional formatting
✓ Merging cells
✓ Freezing rows/columns
✓ Moving rows/columns
✓ Resizing rows/columns
✓ Hiding rows/columns
✓ Context menu
✓ Comments
Documentation
Get Started
Install with npm
Run the following command in your terminal
npm install handsontable @handsontable/react
You can load it directly from jsDelivr as well.
1<script src="https://cdn.jsdelivr.net/npm/handsontable/dist/handsontable.full.min.js"></script> 2<script src="https://cdn.jsdelivr.net/npm/@handsontable/react/dist/react-handsontable.min.js"></script> 3 4<link href="https://cdn.jsdelivr.net/npm/handsontable/dist/handsontable.full.min.css" rel="stylesheet">
The component will be available as Handsontable.react.HotTable.
Usage
Use this data grid as you would any other component in your application. Options can be set as HotTable props.
Styles
1@import '~handsontable/dist/handsontable.full.css';
React Component
1import React from 'react'; 2import ReactDOM from 'react-dom'; 3import { HotTable } from '@handsontable/react'; 4 5class HotApp extends React.Component { 6 constructor(props) { 7 super(props); 8 this.data = [ 9 ['', 'Tesla', 'Mercedes', 'Toyota', 'Volvo'], 10 ['2019', 10, 11, 12, 13], 11 ['2020', 20, 11, 14, 13], 12 ['2021', 30, 15, 12, 13] 13 ]; 14 } 15 16 render() { 17 return (<HotTable data={this.data} colHeaders={true} rowHeaders={true} width="600" height="300" />); 18 } 19}
View live demo
Support
We provide support for developers working with commercial version via contact form or at support@handsontable.com.
If you use a non-commercial version then please ask your tagged question on StackOverflow.
License
Handsontable is a commercial software with two licenses available:
- Free for non-commercial purposes such as teaching, academic research, and evaluation. Read it here.
- Commercial license with support and maintenance included. See pricing plans.
License key
If you use Handsontable for React in a project that supports your commercial activity, then you must purchase the license key at handsontable.com.
If you use the free for non-commercial license of Handsontable, then pass the phrase 'non-commercial-and-evaluation', as described in this documentation.
Proudly created and maintained by the Handsontable Team.
No vulnerabilities found.
Reason
30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10
Reason
packaging workflow detected
Details
- Info: Project packages its releases by way of GitHub Actions.: .github/workflows/docs-production.yml:21
Reason
no binaries found in the repo
Reason
SAST tool is run on all commits
Details
- Info: SAST configuration detected: CodeQL
- Info: all commits (11) are checked with a SAST tool
Reason
license file detected
Details
- Info: project has a license file: LICENSE.txt:0
- Warn: project license file does not contain an FSF or OSI license.
Reason
dependency not pinned by hash detected -- score normalized to 8
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/code-quality.yml:53: update your workflow using https://app.stepsecurity.io/secureworkflow/handsontable/handsontable/code-quality.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/code-quality.yml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/handsontable/handsontable/code-quality.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docs-staging-delete.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/handsontable/handsontable/docs-staging-delete.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docs-staging.yml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/handsontable/handsontable/docs-staging.yml/develop?enable=pin
- Warn: containerImage not pinned by hash: docs/docker/Dockerfile:2: pin your Docker image by updating nginx:alpine to nginx:alpine@sha256:b2e814d28359e77bd0aa5fed1939620075e4ffa0eb20423cc557b375bd5c14ad
- Warn: npmCommand not pinned by hash: .github/workflows/docs-production.yml:91
- Warn: npmCommand not pinned by hash: .github/workflows/docs-staging-delete.yml:52
- Warn: npmCommand not pinned by hash: .github/workflows/docs-staging.yml:72
- Warn: npmCommand not pinned by hash: .github/workflows/docs-staging.yml:73
- Warn: npmCommand not pinned by hash: .github/workflows/docs-visual-tests.yml:46
- Info: 101 out of 105 GitHub-owned GitHubAction dependencies pinned
- Info: 41 out of 41 third-party GitHubAction dependencies pinned
- Info: 0 out of 1 containerImage dependencies pinned
- Info: 5 out of 10 npmCommand dependencies pinned
Reason
Found 11/30 approved changesets -- score normalized to 3
Reason
badge detected: InProgress
Reason
dangerous workflow patterns detected
Details
- Warn: untrusted code checkout '${{ github.event.workflow_run.head_branch }}': .github/workflows/publish.yml:19
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Info: jobLevel 'packages' permission set to 'read': .github/workflows/code-quality.yml:40
- Info: jobLevel 'actions' permission set to 'read': .github/workflows/code-quality.yml:41
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/code-quality.yml:42
- Warn: no topLevel permission defined: .github/workflows/audit.yml:1
- Warn: no topLevel permission defined: .github/workflows/build-all.yml:1
- Warn: no topLevel permission defined: .github/workflows/changelog.yml:1
- Warn: no topLevel permission defined: .github/workflows/code-quality.yml:1
- Warn: no topLevel permission defined: .github/workflows/docs-examples.yml:1
- Warn: no topLevel permission defined: .github/workflows/docs-linter.yml:1
- Warn: no topLevel permission defined: .github/workflows/docs-production.yml:1
- Warn: no topLevel permission defined: .github/workflows/docs-staging-delete.yml:1
- Warn: no topLevel permission defined: .github/workflows/docs-staging-ovh.yml:1
- Warn: no topLevel permission defined: .github/workflows/docs-staging.yml:1
- Warn: no topLevel permission defined: .github/workflows/docs-visual-tests.yml:1
- Warn: no topLevel permission defined: .github/workflows/ghcr-cleanup.yml:1
- Warn: no topLevel permission defined: .github/workflows/linter.yml:1
- Warn: no topLevel permission defined: .github/workflows/publish.yml:1
- Warn: no topLevel permission defined: .github/workflows/test.yml:1
- Warn: no topLevel permission defined: .github/workflows/visual-tests-linter.yml:1
- Info: no jobLevel write permissions found
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
75 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-h5c3-5r3r-rr8q
- Warn: Project is vulnerable to: GHSA-rmvr-2pp2-xj38
- Warn: Project is vulnerable to: GHSA-xx4v-prfh-6cgc
- Warn: Project is vulnerable to: GHSA-4w2v-q235-vp99
- Warn: Project is vulnerable to: GHSA-cph5-m8f7-6c5x
- Warn: Project is vulnerable to: GHSA-wf5p-g6vw-rhxx
- Warn: Project is vulnerable to: GHSA-jr5f-v2jv-69x6
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-67mh-4wv8-2f99
- Warn: Project is vulnerable to: GHSA-74fj-2j2h-c42q
- Warn: Project is vulnerable to: GHSA-pw2r-vq6v-hr8c
- Warn: Project is vulnerable to: GHSA-jchw-25xp-jwwc
- Warn: Project is vulnerable to: GHSA-cxjh-pqwp-8mfp
- Warn: Project is vulnerable to: GHSA-pfrx-2q88-qq97
- Warn: Project is vulnerable to: GHSA-hf66-r44g-p7j9
- Warn: Project is vulnerable to: GHSA-7wwv-vh3v-89cq
- Warn: Project is vulnerable to: GHSA-pfq8-rq6v-vf5m
- Warn: Project is vulnerable to: GHSA-rc47-6667-2j5j
- Warn: Project is vulnerable to: GHSA-c7qv-q95q-8v27
- Warn: Project is vulnerable to: GHSA-4www-5p9h-95mh
- Warn: Project is vulnerable to: GHSA-9gqv-wp59-fq42
- Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp
- Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h
- Warn: Project is vulnerable to: GHSA-76p3-8jx3-jpfq
- Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm
- Warn: Project is vulnerable to: GHSA-6vfc-qv3f-vr6c
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-5rrq-pxf6-6jx5
- Warn: Project is vulnerable to: GHSA-8fr3-hfg3-gpgp
- Warn: Project is vulnerable to: GHSA-gf8q-jrpm-jvxq
- Warn: Project is vulnerable to: GHSA-2r2c-g63r-vccr
- Warn: Project is vulnerable to: GHSA-cfm4-qjh2-4765
- Warn: Project is vulnerable to: GHSA-x4jg-mjrx-434g
- Warn: Project is vulnerable to: GHSA-rp65-9cf3-cjxr
- Warn: Project is vulnerable to: GHSA-8g77-54rh-46hx
- Warn: Project is vulnerable to: GHSA-7fh5-64p2-3v2j
- Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6
- Warn: Project is vulnerable to: GHSA-6g33-8w2q-4hxv
- Warn: Project is vulnerable to: GHSA-325j-24f4-qv5x
- Warn: Project is vulnerable to: GHSA-vx3p-948g-6vhq
- Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
- Warn: Project is vulnerable to: GHSA-mgfv-m47x-4wqp
- Warn: Project is vulnerable to: GHSA-5j4c-8p2g-v4jx
- Warn: Project is vulnerable to: GHSA-g3ch-rx76-35fx
- Warn: Project is vulnerable to: GHSA-wr3j-pwj9-hqq6
- Warn: Project is vulnerable to: GHSA-4v9v-hfq4-rm2v
- Warn: Project is vulnerable to: GHSA-9jgg-88mc-972h
- Warn: Project is vulnerable to: GHSA-pq67-2wwv-3xjx
- Warn: Project is vulnerable to: GHSA-8cj5-5rvv-wf4v
- Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q
- Warn: Project is vulnerable to: GHSA-92r3-m2mg-pj97
- Warn: Project is vulnerable to: GHSA-c24v-8rfc-w8vw
- Warn: Project is vulnerable to: GHSA-8jhw-289h-jh2g
- Warn: Project is vulnerable to: GHSA-4vvj-4cpr-p986 / GHSA-64vr-g452-qvp3
- Warn: Project is vulnerable to: GHSA-9cwx-2883-4wfx
- Warn: Project is vulnerable to: GHSA-vg6x-rcgg-rjx6
- Warn: Project is vulnerable to: GHSA-x574-m823-4x7w
- Warn: Project is vulnerable to: GHSA-4r4m-qw57-chr8
- Warn: Project is vulnerable to: GHSA-xcj6-pq6g-qj4x
- Warn: Project is vulnerable to: GHSA-356w-63v5-8wf4
- Warn: Project is vulnerable to: GHSA-859w-5945-r5v3
- Warn: Project is vulnerable to: GHSA-968p-4wvh-cqc8
- Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw
- Warn: Project is vulnerable to: GHSA-vhxf-7vqr-mrjg
- Warn: Project is vulnerable to: GHSA-mwcw-c2x4-8c55
- Warn: Project is vulnerable to: GHSA-gcx4-mw62-g8wm
- Warn: Project is vulnerable to: GHSA-qwcr-r2fm-qrc7
- Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x
- Warn: Project is vulnerable to: GHSA-qw6h-vgh9-j6wx
- Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j
- Warn: Project is vulnerable to: GHSA-rhx6-c78j-4q9w
- Warn: Project is vulnerable to: GHSA-m6fv-jmcg-4jfg
- Warn: Project is vulnerable to: GHSA-cm22-4g7w-348p
- Warn: Project is vulnerable to: GHSA-566m-qj78-rww5
Score
4.4
/10
Last Scanned on 2025-07-07
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More