Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
@lightningjs/msdf-generator
Advanced tools
Converts font files (.ttf, .otf, .woff, .woff2) to SDF format for Lightning 3's renderer, with added font metrics generation for SDF and Canvas Web fonts
This tool converts font files (.ttf, .otf, .woff, woff2) to Signed Distance Field (SDF) fonts for use with the Lightning 3's SDF text renderer. As an additional feature, this utility also generates the recommended font metrics for use in the configuration of SDF and Canvas Web fonts.
Both multi-channel (MSDF) and single-channel (SSDF) font files are generated.
See the following resources for more information about SDF font rendering:
This tool uses msdf-bmfont-xml to generate the font JSON data and texture atlases. And also applies some adjustments to that JSON data.
pnpm install
font-src-sample
directory to font-src
:cp -R font-src-sample font-src
Copy Fonts: Place all the font files you want to convert to SDF fonts into the font-src
directory.
Generate SDF Textures: Run the following command to generate SDF textures from the font files:
pnpm generate
font-dst
directory.In addition to generating SDF fonts, this tool also generates the recommended
metrics configuration for use in both SDF and Canvas Web fonts. After running
the tool, the metrics extracted from each scanned font will be placed in the
font-dst/metrics/
directory. An example is below.
font-dst/metrics/Ubuntu-Regular.metrics.json
{
"ascender": 776,
"descender": -185,
"lineGap": 56,
"unitsPerEm": 1000
}
These metrics can then be configured directly into the font face definitions
in the Renderer Core Extension. If your app needs to support both Canvas and
SDF versions of the same font for any reason, it is important that they are both
configured with the same metrics
configuration to ensure maximum layout parity
between the SDF and Canvas Text Renderers.
CoreExtension.ts
// ...
stage.fontManager.addFontFace(
new WebTrFontFace({
fontFamily: 'Ubuntu',
descriptors: {},
fontUrl: '/fonts/Ubuntu-Regular.ttf',
metrics: {
ascender: 776,
descender: -185,
lineGap: 56,
unitsPerEm: 1000,
},
}),
);
stage.fontManager.addFontFace(
new SdfTrFontFace('msdf', {
fontFamily: 'Ubuntu',
descriptors: {},
atlasUrl: '/fonts/Ubuntu-Regular.msdf.png',
atlasDataUrl: '/fonts/Ubuntu-Regular.msdf.json',
stage,
// NOTE: Providing these metrics for SDF fonts is optional because
// they are encoded by this tool into the atlas data JSON data
// itself (see the `lightningMetrics` key). If you decide to use
// values that are different from the generated default you can
// insert them here.
metrics: {
ascender: 776,
descender: -185,
lineGap: 56,
unitsPerEm: 1000,
},
}),
);
// ...
The default recommended metrics come directly from the font file itself and may be tweaked as needed by the developer. Be sure to apply any tweaks to both the SDF and Canvas Web versions of the fonts equally if both versions are required by your application to ensure consistent text layout between SDF and Canvas Text Renderers.
The contents of font-src/charset.txt
can be modified to adjust the characters
that are included into the SDF font.
By default this tool will generate SDF fonts with these properties:
For each font file in the font-src
directory you can define overrides for these values in the font-src/overrides.json
file.
Below is an example of overriding font size and distance range for the Ubuntu-Regular font.
{
"Ubuntu-Regular": {
"msdf": {
"fontSize": 45
"distanceRange": 6
},
"ssdf": {
"fontSize": 50
"distanceRange": 6
}
}
}
FAQs
Converts font files (.ttf, .otf, .woff, .woff2) to SDF format for Lightning 3's renderer, with added font metrics generation for SDF and Canvas Web fonts
We found that @lightningjs/msdf-generator demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.