@microscope-js/renderer-xlsx

Spreadsheet renderer for microscope-js, backed by SheetJS. Renders .xlsx, .xls, .xlsm, .xlsb, .csv, .tsv, and .ods. Multi-sheet workbooks get a tab strip; HTML output is sanitized via the shared DOMPurify profile; formulas are never evaluated.

Install

pnpm add @microscope-js/renderer-xlsx

Use

import { createRegistry, mount } from '@microscope-js/core';
import { xlsxRenderer } from '@microscope-js/renderer-xlsx';

const registry = createRegistry([xlsxRenderer]);
const handle = await mount({ source: file, container, registry });

// renderer-specific capabilities
const cap = handle.capabilities as { sheetNames: string[]; showSheet(name: string): void };
console.log(cap.sheetNames);
cap.showSheet('Q4 Revenue');

Options

| Option | Default | Description | | -------------- | ------------------ | -------------------------------------------------------------------------- | | maxBytes | 64 * 1024 * 1024 | Reject workbooks larger than this (MicroscopeError('TOO_LARGE')) | | initialSheet | 0 | Index of the sheet shown on first render |

Capabilities exposed on the RenderHandle

interface XlsxHandle extends RenderHandle {
  readonly capabilities: {
    sheetNames: string[];
    showSheet(name: string): void;
  };
}

Wire a custom dropdown to showSheet() for a polished UX.

Format support

• .xlsx / .xlsm / .xlsb (Office Open XML)
• .xls (legacy binary)
• .ods (OpenDocument)
• .csv / .tsv (delimited text)

Security model

• SheetJS is called with cellFormula: false — formulas are dropped, not evaluated. No untrusted spreadsheet expression ever runs.
• The HTML SheetJS produces is run through sanitizeHtml from @microscope-js/utils before insertion.
• The size cap defends against zip-bomb-class inputs.
• All rendering is in-browser. The workbook never leaves the tab.

See also

• @microscope-js/renderer-docx · @microscope-js/renderer-pptx
• @microscope-js/react — React adapter
• Repository · Live demo · API docs

License

MIT