Skip to content

fix(InputNumber): decide prefix suffix using formatToParts#8520

Open
8lurry wants to merge 1 commit intoprimefaces:masterfrom
8lurry:master
Open

fix(InputNumber): decide prefix suffix using formatToParts#8520
8lurry wants to merge 1 commit intoprimefaces:masterfrom
8lurry:master

Conversation

@8lurry
Copy link
Copy Markdown

@8lurry 8lurry commented Apr 1, 2026
edited by melloware
Loading

Fix: #8521

Problem:

  • In locale bn, typing first digit 1 (displayed as ১) can produce event.value = null on first input.

Root cause:

  • Prefix extraction logic relies on splitting formatted 1 by ASCII 1, which fails for locales using non-ASCII digits.

Repro:

  • Render InputNumber with locale bn and allowEmpty true
  • Focus empty input
  • Type 1
  • Observe onValueChange gives null for first keystroke

Expected:

  • First keystroke should produce numeric value 1

Proposed fix:

  • Avoid ASCII-only split logic in prefix detection
  • Derive prefix/suffix using formatToParts and the integer/decimal parts, which is locale-safe for non-Latin numerals

@github-actions
Copy link
Copy Markdown

github-actions bot commented Apr 1, 2026

Thanks a lot for your contribution! But, PR does not seem to be linked to any issues. Please manually link to an issue or mention it in the description using #<issue_id>.

@8lurry
Copy link
Copy Markdown
Author

8lurry commented Apr 2, 2026

CI failure: Security Check (Step 8)

The NodeJS CI run is failing in Security Check (Step 8):
https://github.com/primefaces/primereact/actions/runs/23857355195/job/69566392264#step:8:86

The log shows an npm audit finding:

  • postcss < 8.4.31 (moderate) via node_modules/next
  • Audit output says the only full fix is npm audit fix --force, which would install next@16.2.2 (breaking change)
  • The job then errors on npm audit fix and exits with code 1

This seems like a repo/CI-policy issue rather than something a PR author can safely resolve, since the suggested remediation is a Next major upgrade.

Suggestion (maintainer decision):

  • Avoid running npm audit fix in CI (non-deterministic + can require breaking upgrades). Prefer a read-only audit such as:
    • npm audit --omit=dev --audit-level=critical (or whatever threshold you want CI to enforce)
  • If the goal is to fully remediate, plan an explicit dependency upgrade path (e.g., upgrading Next to a version that pulls a non-vulnerable PostCSS).

Can someone confirm whether CI is intended to run npm audit fix here (vs npm audit only), and what severity threshold should fail the build?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

InputNumber swallows first keystroke when locale uses non-ASCII numerals (e.g. bn)

1 participant

@8lurry