feat(chart): rename formatter to dangerousHtmlFormatter for XSS awareness#414
Merged
geoquant merged 2 commits intocloudflare:mainfrom Apr 15, 2026
Merged
Conversation
…ness BREAKING CHANGE: The formatter property in KumoChartOption['tooltip'] has been renamed to dangerousHtmlFormatter. This change makes the security implications of using HTML formatters more explicit to developers. - Update EChart.tsx with new property name and warnings - Update TimeseriesChart.tsx to use dangerousHtmlFormatter - Add migration examples in documentation - Include changeset for minor version bump
Collaborator
|
/bonk review pls |
commit: |
Contributor
Docs PreviewCommit: |
Contributor
geoquant
approved these changes
Apr 15, 2026
Contributor
|
@geoquant Bonk workflow was cancelled. View workflow run · To retry, trigger Bonk again. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.



















































Renames the
formatterproperty in chart tooltips todangerousHtmlFormatterto make the security implications of using HTML formatters more explicit to developers.
Changes
formatterproperty inKumoChartOption['tooltip']has been renamed to
dangerousHtmlFormatter. The API remains identical—onlythe name has changed to increase XSS awareness.
EChart.tsxwith the new property name and added security warningsTimeseriesChart.tsxto usedangerousHtmlFormatterChartDemo.tsxandcustom.mdxMigration
Replace
formatterwithdangerousHtmlFormatterin your chart tooltipconfigurations: