Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@alibaba-aero/vue2-leaflet
Advanced tools
Vue2Leaflet is a JavaScript library for the Vue framework that wraps Leaflet making it easy to create reactive maps.
Go here to check out live examples and docs.
If you want to hack around, here is a JS Fiddle to get started
A new major release v1.x.x is available and come with some breaking changes.
As some component where conflicting with reserved name like Circle with SVG Circle, from v1.x.x all components are prefixed with L.
For example Marker component became LMarker (l-marker in template).
Event handling have been simplified and are now mapped directly to Leaflet event.
For example Marker move event was 'l-move' and became simply 'move'.
v1.0.0 introduces Leaflet Controls you can now use them using LControlAttribution, LControlLayers, LControlScale and LControlZoom.
When adding LControlAttribution or LControlZoom to your template, remember to desactivate the default one by using LMap options:
{
zoomControl: false,
attributionControl: false
}
Otherwise you will end up with two zoom/attribution control.
$ npm install @alibaba-aero/vue2-leaflet --save
$ yarn add @alibaba-aero/vue2-leaflet
For more detailed informations you can follow the Quick Start Guide
Leaflet plugins can easily work with Vue2Leaflet, if you want to use one I would recommand to look at the awesome work made by the community in the list below.
If you have created a plugin and want it to be listed here, let me know :-).
Vue2Leaflet is only a wrapper for Leaflet. I want to keep it as simple as possible so I don't want to add any plugin support into this repo.
Depending on your project setup, you may have to try different solutions.
To fix map rendering issues, it may help to import the Leaflet stylesheet within the script section of your Vue component.
In most cases, though, it is Webpack messing with Leaflet marker icons' paths, resulting in warnings or even errors. You can alleviate that by either unsetting/replacing the default paths (alternate solution) or using Webpack aliases.
First add a ref to the map
<l-map ref="map" :zoom=13 :center="[47.413220, -1.219482]">
...
</l-map>
Then in you JavaScript you can use mapObject which is Leaflet map instance :
this.$refs.map.mapObject;
Note: mapObject
is not available directly in vue's mounted
hook. You need to wrap the call to this.$refs.map
in a nextTick
call:
data: () => ({map: null}),
mounted () {
// DON'T
this.map = this.$refs.map.mapObject // doesn't work, this.map is null
// DO
this.$nextTick(() => {
this.map = this.$refs.map.mapObject // work as expected
})
},
This also work for any other component (Marker, Polyline, etc...)
All event binding can be done to event with the same name as in leaflet documentation.
For example if you want to listen to Vue2Leaflet.LMarker move event.
<l-marker :lat-lng="[47.413220, -1.219482]" @move="doSomething"></l-marker>
# clone the repository
$ git clone git@github.com:alibaba-aero/Vue2Leaflet.git
$ cd Vue2Leaflet
# install dependencies and build vue2-leaflet
$ npm install
$ npm run build
# create a symlink for vue2-leaflet
$ npm link
$ cd examples
$ npm install
# create a symbolic link for vue2-leaflet in node_modules/
$ npm link vue2-leaflet
# serve with hot reload at localhost:8080
$ npm run dev
Go to http://localhost:8080/ to see running examples
NOTE: If you make changes to the library you should run 'npm run build' again in the root folder. The dev server should detect modification and reload the examples
Mickaël Bouchaud
Inspired by many map wrapper (google and leaflet) for many framework (React, Angular and Vue 1.0)
Thanks goes to these wonderful people
This project is licensed under the MIT License - see the LICENSE file for details
FAQs
Vue2 leaflet library
The npm package @alibaba-aero/vue2-leaflet receives a total of 7 weekly downloads. As such, @alibaba-aero/vue2-leaflet popularity was classified as not popular.
We found that @alibaba-aero/vue2-leaflet demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.