Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@boundlessgeo/sdk
Advanced tools
Javascript SDK based on React, OpenLayers and Redux.
This guide walks through the steps necessary to create a new React-Redux project that will feature maps through SDK.
The Node Version Manager provides a clean and easy way to keep different versions of NodeJS installed simultaneously.
Yarn is yet another node package manager. However, it offers a number of performance features over npm.
npm install -g yarn
npx create-react-app sdk-starter
cd sdk-starter
SDK-based apps do require additional dependencies. These include Redux for managing state.
yarn add redux react-redux ol ol-mapbox-style
Follow the instructions here.
Only one of the following techniques are needed for installing the SDK.
This is the standard way of installing SDK. It is appropriate for those looking to develop a quick SDK app and do not need the latest features from the master branch.
It will install the dist-version of the library.
yarn add @boundlessgeo/sdk
In your favorite editor open src/App.scss
. On the first line add:
@import "@boundlessgeo/sdk/stylesheet/sdk.scss";
Open src/App.js
in your favorite editor. After the line import './App.scss';
,
add the following imports:
import { createStore, combineReducers } from 'redux';
import { Provider } from 'react-redux';
import SdkMap from '@boundlessgeo/sdk/components/map';
import SdkMapReducer from '@boundlessgeo/sdk/reducers/map';
import * as SdkMapActions from '@boundlessgeo/sdk/actions/map';
After the imports add a store with the SdkMapReducer
:
const store = createStore(combineReducers({
'map': SdkMapReducer,
}));
The map configuration needs to happen outside of the render()
method.
render()
will be called every time a prop or state element is changed
and this would cause map layers to be added repeatedly causing ill effects.
However, componentDidMount
is only called once, after the component has been
mounted.
After class App extends Component {
, add the following lines:
componentDidMount() {
// add the OSM source
store.dispatch(SdkMapActions.addOsmSource('osm'));
// add an OSM layer
store.dispatch(SdkMapActions.addLayer({
id: 'osm',
source: 'osm',
}));
}
Remove the header part, and replace it with an SDK map:
render() {
return (
<div className="App">
<Provider store={store}>
<SdkMap />
</Provider>
</div>
);
}
The create-react-app creates a built-in hot-compiler and server.
yarn start
Congratulations! You should have a fully operational Boundless SDK React app!
Instead of installing sdk from npm, you can also install it from github. This is the way to install SDK if the latest features are needed or development on SDK is planned.
The following steps will clone SDK, install its dependencies, build the library, and finally add it to the app.
cd ..
git clone https://github.com/boundlessgeo/sdk
cd sdk
npm install
npm run build:dist
cd ../sdk-starter
yarn add file:../sdk/dist
If you want to write unit tests in your application that use the SDK, make sure you have canvas
installed as a devDependency
.
See here for more details.
FAQs
Boundless Web SDK
The npm package @boundlessgeo/sdk receives a total of 4 weekly downloads. As such, @boundlessgeo/sdk popularity was classified as not popular.
We found that @boundlessgeo/sdk demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 19 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.