Exciting release!Introducing "safe npm". Learn more
Log inDemoInstall


Package Overview
File Explorer

Advanced tools


JS Bundle containing all the functionality needed to render a map with harp.gl


Version published
Weekly downloads
increased by2.07%

Weekly downloads




New Features

  • Split theme to stable and unstable parts in https://github.com/heremaps/harp.gl/pull/2331
  • Lookup style operator in https://github.com/heremaps/harp.gl/pull/2329
  • Implements simple style variable definition in https://github.com/heremaps/harp.gl/pull/2342
  • Adds support for FlatTheme in JsonSchema generation in https://github.com/heremaps/harp.gl/pull/2344

Bug Fixes,

  • Fixes #2295 Remove guide to prevent confusion in https://github.com/heremaps/harp.gl/pull/2313
  • Change URL caching inside ThemeLoader in https://github.com/heremaps/harp.gl/pull/2318
  • Debug karma tests n https://github.com/heremaps/harp.gl/pull/2340
  • Fix shader compilation in Safari 15 on MacOS Monterrey. in https://github.com/heremaps/harp.gl/pull/2337
  • Fixes Frame Complete in https://github.com/heremaps/harp.gl/pull/2338
  • Minor style fix in https://github.com/heremaps/harp.gl/pull/2349
  • Fixes missing Marker on not loaded icon in https://github.com/heremaps/harp.gl/pull/2347
  • Fixes Style Evaluator expression for cached step expression in https://github.com/heremaps/harp.gl/pull/2350

Updated dependencies

  • Fix broken dependencies in https://github.com/heremaps/harp.gl/pull/2317
  • Update npm version in https://github.com/heremaps/harp.gl/pull/2332

Full Changelog: https://github.com/heremaps/harp.gl/compare/v0.27.1...v0.28.0





This is convienience module that provides harp.gl as JS-friendly bundle, with whole harp.gl API exposed in harp namespace.

Usage example with unpkg.com CDN:

<script src="https://unpkg.com/three/build/three.min.js"></script> <!-- harp.gl bundle requires specific threejs version to be already loaded in runtime --> <script src="https://unpkg.com/@here/harp.gl/dist/harp.js"></script> <!-- latest version of harp.gl bundle --> <script> const canvas = document.getElementById("mapCanvas"); const map = new harp.MapView({ canvas, theme: "https://unpkg.com/@here/harp-map-theme@0.2.2/resources/berlin_tilezen_base.json" }); ... </script>

This snippets loads all required scripts and creates MapView with theme loaded from unpkg.com CDN.


@here/harp.gl provides following bundles:

Technical notes

  • harp.js bundle depends on Three.JS being already loaded in Javascript Runtime.
  • harp.gl uses Web Workers from harp-decoders.js to offload CPU intensive work from main thread (in particular for OmvDataSource and GeoJsonDataProvider. Web Workers.
  • For convienience harp.gl detects URL from which is loaded and by default detects location of harp-decoders.js which is distributed together. That may cause problems with same-origin policy that mandates that Web Workers can be loaded only from same origin that main page. To overcome this issue, we attempt to load harp-decoders.js by converting it to Blob. This requires, that CSP policy of your page allows loading workers from blob: URLs.


  • harp.js: Unable to determine location of three(.min).js

    As noted above, harp.gl tries to find URL of three.js so URL can loaded in web-workers. If for some reason you don't have three.js script in your DOM, you can tell harp.gl where to find like this:

    harp.WorkerLoader.dependencyUrlMapping.three = "https://unpkg.com/three/build/three.min.js";
  • Refused to create a worker from 'blob:http://...' because it violates the following Content Security Policy ...

    As noted above, if harp.js and harp-decoders.js is loaded from other domain (like CDN), we try to load script into Blob and then execute worker from blob-url. For this mechanism to work, your CSP policy for worker-src and/or child-src should allow blob: origin. blob: origin is enabled by default, but if for some reason it's not the case, you can re-enable it with following snippet:

    <meta http-equiv="Content-Security-Policy" content="worker-src 'self' blob:" />

    If for some reason, you cannot change CSP policy of your app to allow blob: worker-source, you have to load harp-decoders.js (and possibly harp.js) from same origin as your main page.

More info



Last updated on 17 Jan 2022

Did you know?

Socket installs a Github app to automatically flag issues on every pull request and report the health of your dependencies. Find out what is inside your node modules and prevent malicious activity before you update the dependencies.

Install Socket
support@socket.devSocket SOC 2 Logo


  • Package Issues
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc