react-currency-input icon indicating copy to clipboard operation
react-currency-input copied to clipboard

Published 20 hours ago verified publisher icon jsillitoe

Please publish a new version

Open garrettn opened this issue 3 years ago • 5 comments

Hi, I noticed that no new version has been released since #80 was merged. Would it be possible to do that?

We found out that there's a vulnerability in a transitive dependency ([email protected], required by [email protected], required by v1.3.6 of this library). Since browserify was taken out of the dependencies in #80 it would be great to have this changed published so we're no longer installing the vulnerable library.

Thank you!

garrettn avatar Oct 28 '21 22:10 garrettn

fwiw, i just forked this lib, as it's a major piece of the user interface in an app i'm working on, and no other currency input that i've found comes even close to doing what this one does.. first thing i've done is get it working with typescript tooling, and current React usage, which has rather broken it.. so it's not quite ready yet for use... but i hope to have it up and running within a few days to a week or so. One of the very first things I noticed, is that absolutely none of the dependencies need to be there. :-D so i've already got that part fixed.

If you'd like to follow, and perhaps contribute? :-) then it's at https://github.com/ericblade/react-currency-input

once i have it all working, i'll publish to npm as well.

ericblade avatar Jan 03 '22 04:01 ericblade

I've just published @ericblade/react-currency-input^1.0.2 , which is pretty much identical in function to this repo, right now. there may be some slight behavior changes, and i removed the bits that were deprecated in this repo. I've placed a codepen at https://codepen.io/ericblade/pen/NWaLbGK

Whole thing is in typescript, and builds with the typescript compiler now.

I will be more than happy to continue work there (or if @jsillitoe returns, to hand it back off :) ) and accept pull reqs, and so on.

code repo is https://github.com/ericblade/react-currency-input

ericblade avatar Jan 08 '22 23:01 ericblade

What can we do to get an update, just to get dependencies updated perhaps?

BrandonCopley avatar May 20 '22 16:05 BrandonCopley

There's a less ambitious-in-it's-changes fork here https://github.com/GitJMSeguradora/react-currency-input ...

Unfortunately, it looks like Joe is not active anymore, so we appear to be limited to forking it on our own, or following one of the other forks.

I opted to go with my own fork, which anyone is also welcome to work with. For my purposes, it works identically to the original, but with a super annoying bug in mobile caret positioning fixed. If it does not work as a drop in replacement for your use, I'd be happy to investigate / fix.

ericblade avatar May 21 '22 23:05 ericblade

Sorry for not chiming in earlier. We ended up switching to an internally developed component for a currency input (and I also no longer work at the place where we were affected by this), so this issue no longer affects me. But thanks @ericblade for trying to find a solution! I'm happy to keep this issue open since it seems like other people are interested in it (unless the maintainer decides to close it, of course).

garrettn avatar May 24 '22 19:05 garrettn