Security News
NVD Backlog Tops 20,000 CVEs Awaiting Analysis as NIST Prepares System Updates
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
@mapbox/mvt-fixtures
Advanced tools
A require-able test fixture suite of valid and invalid Mapbox Vector Tiles
A require()
able suite of valid and invalid vector tile fixtures for testing Mapbox Vector Tile encoders and decoders. You can view a list of all fixtures at FIXTURES.md.
mvt-fixtures can be used in two distinct ways
The Javascript API is recommended if you are working in Javascript or Node.js. The raw fixtures are provided for those using this outside of a Javascript application. The recommended workflow is to have your encoder or decoder loop through every fixture and either expect to successfully decode/encode valid fixtures, or fail to decode/encode invalid fixtures. When new fixtures are added to this repository, you simply need to update the version of the module (or your submodule) to get the new fixtures and re-run tests.
Validity: each fixture includes information about whether they are valid according to the specification versions and possible error outcomes if they are invalid. If any of the fixtures are invalid, they must include an error
field describing how to recover (or not) from the error. These can be found in the validity
field of the fixture and info.json files. The following checks:
v1
(Boolean): is this fixture valid according to Version 1.x of the Mapbox Vector Tile specv2
(Boolean): is this fixture valid according to Version 2.x of the Mapbox Vector Tile specerror
(String): describes if the encoder/decoder should recover from this error or stop completely. THis is only present if the fixture is invalid according to one or more spec revisions. Values are
recoverable
: should the encoder/decoder continue move on and continue its work? For instance, if invalid geometry is found, can the encoder safely move to the next feature?fatal
: the encoder should completely stop its processGOTCHA: validity can be messy. In the case of the validity
property for the fixtures, they refer to the Mapbox Vector Tile Specification but depending on the protocol buffer specification we are decoding with, fields that may be required by the spec and are missing can be interpreted as default values. For example: in fixture 003 where the "GeomType" tag is completely missing, any vector tile decoder using the proto2 syntax will interpret this by the default value UNKNOWN instead of a missing tag.
Check out the full Javascript interface over at API.md
npm install @mapbox/mvt-fixtures --save-dev
const mvtf = require('@mapbox/mvt-fixtures');
const decoder = require('your-mvt-decoder');
// assert on every single buffer
mvtf.each(function(fixture) {
let output = decoder(fixture.buffer);
assert.equal(output.layers.length, fixture.json.layers.length, 'expected number of layers');
// ... more tests
});
// or you can get individual fixtures
const output = decoder(mvtf.get('043').buffer);
You can access all of the fixtures and their metadata in the /fixtures directory. You can download this repository and get them manually, or use this repository as a submodule. Each fixture is named by the directory /fixtures/{name} and has the following files:
name
, description
, and specification_reference
.While the bulk of mvt-fixtures is focused on minimal unit tests with very specific features, it also includes a set of real-world tiles that are useful for benchmarking and running your decoder through more realistic tiles. Learn more about each real world extent in REAL-WORLD.md.
git clone git@github.com:mapbox/mvt-fixtures.git
cd mvt-fixtures
npm install
npm install -g documentation
All fixtures have a source file in the /src directory. This file is a module that exports an object with the following parameters:
module.exports = {
description: 'DESCRIPTION',
specification_reference: 'SPECIFICATION_URL',
validity: {
v1: false,
v2: false,
error: 'ERROR_TYPE'
},
json: {...},
proto: '2.1'
};
A new fixture can be created by running the command, which will auto-increment the ID:
npm run new
# New file created: /src/003.js.
To rebuild all of the raw fixtures (including the tile.mvt, tile.json, and info.json files) in /fixtures you can run:
npm run build
There are couple scripts included for debugging the fixtures as you create them.
protoc specification dump allows you to dump mvt fixtures to the text-based representation supported by the google protoc tool. This can be very useful for debugging fixtures to ensure you've created what you expected (particularly for tiles designed to be invalid to parse).
$ ./scripts/dump fixtures/002/tile.mvt
layers {
name: "hello"
features {
type: POINT
geometry: 9
geometry: 50
geometry: 34
}
extent: 4096
version: 2
}
raw protoc dump allows you to dump the raw contents of a buffer. This particularly useful for tiles that don't match the vector_tile.proto format and you want to view which tags are generated
$ ./scripts/dump fixtures/002/tile.mvt --raw
3 {
15: 2
1: "hello"
2 {
2: ""
3: 1
4: "\t2\""
}
5: 4096
}
Documentation takes two forms...
These can be generated by running:
npm run docs
All tests can be run with:
npm test
FAQs
A require-able test fixture suite of valid and invalid Mapbox Vector Tiles
The npm package @mapbox/mvt-fixtures receives a total of 3,618 weekly downloads. As such, @mapbox/mvt-fixtures popularity was classified as popular.
We found that @mapbox/mvt-fixtures demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 14 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.
Security News
PyPI now supports digital attestations, enhancing security and trust by allowing package maintainers to verify the authenticity of Python packages.