Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
@luma.gl/core
Advanced tools
@luma.gl/core is a high-performance WebGL2 framework designed for GPU-powered data visualization and computation. It provides a suite of tools for creating and managing WebGL contexts, shaders, buffers, and other GPU resources, making it easier to build complex visualizations and simulations.
Creating a WebGL Context
This feature allows you to create a WebGL context, which is the starting point for any WebGL application. The context is used to manage all WebGL state and resources.
const {createGLContext} = require('@luma.gl/core');
const gl = createGLContext();
Shader Management
This feature allows you to create and manage shaders, which are programs that run on the GPU. Shaders are essential for rendering graphics and performing computations on the GPU.
const {Shader} = require('@luma.gl/core');
const vs = `
attribute vec4 position;
void main() {
gl_Position = position;
}
`;
const fs = `
void main() {
gl_FragColor = vec4(1.0, 0.0, 0.0, 1.0);
}
`;
const shader = new Shader(gl, {vs, fs});
Buffer Management
This feature allows you to create and manage buffers, which are used to store data on the GPU. Buffers are used to store vertex data, texture data, and other types of data that need to be processed by the GPU.
const {Buffer} = require('@luma.gl/core');
const positions = new Float32Array([
-1, -1,
1, -1,
-1, 1,
1, 1
]);
const positionBuffer = new Buffer(gl, positions);
Rendering
This feature allows you to create and manage models, which are used to render graphics. Models are composed of shaders, buffers, and other resources, and they provide a high-level interface for rendering graphics.
const {Model} = require('@luma.gl/core');
const model = new Model(gl, {
vs: `
attribute vec4 position;
void main() {
gl_Position = position;
}
`,
fs: `
void main() {
gl_FragColor = vec4(1.0, 0.0, 0.0, 1.0);
}
`,
attributes: {
position: positionBuffer
},
vertexCount: 4
});
model.draw();
Three.js is a popular JavaScript library for creating 3D graphics in the browser. It provides a higher-level API compared to @luma.gl/core, making it easier to create complex 3D scenes with less code. However, it may not offer the same level of control and performance optimization as @luma.gl/core.
Babylon.js is another powerful 3D engine for creating immersive web experiences. It offers a comprehensive set of features for 3D rendering, physics, and more. Like Three.js, it provides a higher-level API compared to @luma.gl/core, which can simplify development but may limit fine-grained control over WebGL resources.
PixiJS is a fast 2D rendering engine that can also handle some 3D graphics. It is designed for creating interactive graphics and games. While it is not as focused on 3D and GPU computation as @luma.gl/core, it offers a simpler API for 2D and some 3D rendering tasks.
luma.gl is a set of WebGL2 components for high-performance GPU-based rendering and computation in the browser.
It is the engine that powers applications and frameworks like
For details, please refer to the extensive online website.
7.0.0-rc.2
FAQs
The luma.gl core Device API
The npm package @luma.gl/core receives a total of 161,008 weekly downloads. As such, @luma.gl/core popularity was classified as popular.
We found that @luma.gl/core demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 6 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.