Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@maplibre/maplibre-gl-leaflet
Advanced tools
This is a binding from MapLibre GL JS to the familiar Leaflet API. It was originally developed for Mapbox (https://github.com/mapbox/mapbox-gl-leaflet) and was migrated to MapLibre after Mapbox changed its license.
var map = L.map('map').setView([38.912753, -77.032194], 15);
L.marker([38.912753, -77.032194])
.bindPopup("Hello <b>Leaflet GL</b>!<br>Whoa, it works!")
.addTo(map)
.openPopup();
var gl = L.maplibreGL({
style: 'mapbox://styles/mapbox/bright-v8'
}).addTo(map);
Note that you can use any vector tile source useable by maplibre-gl. For instance, you can use OSM2VectorTiles with:
var gl = L.maplibreGL({
style: 'https://api.maptiler.com/maps/topo/style.json?key=<YOUR_MAPTILER_API_KEY>'
}).addTo(map);
Once you have created the leaflet layer, the maplibre-gl map object can be accessed using
gl.getMaplibreMap()....
// add a source to the maplibre-gl layer
gl.getMaplibreMap().addSource({...})
Code for these examples is hosted in the examples folder
Add a script tag referencing maplibre-gl-leaflet after adding leaflet and maplibre-gl-js in your website:
<!-- Leaflet -->
<link rel="stylesheet" href="https://unpkg.com/leaflet@1.8.0/dist/leaflet.css" />
<script src="https://unpkg.com/leaflet@1.8.0/dist/leaflet.js"></script>
<!-- Maplibre GL -->
<link href="https://unpkg.com/maplibre-gl@2.2.1/dist/maplibre-gl.css" rel='stylesheet' />
<script src="https://unpkg.com/maplibre-gl@2.2.1/dist/maplibre-gl.js"></script>
<script src="https://unpkg.com/@maplibre/maplibre-gl-leaflet@0.0.17/leaflet-maplibre-gl.js"></script>
This project makes it possible to easily add a maplibre-gl-js layer in your Leaflet map. When using maplibre-gl-leaflet, you won't be able to use some of the maplibre-gl-js features. Here are the main differences between a "pure" maplibre-gl-js map and a Leaflet map using maplibre-gl-leaflet:
On the bright side, the maplibre-gl-leaflet binding will allow you to use all the leaflet features and plugins.
If you only need the maplibre-gl-js features (adding a map with a mapbox-style, adding a GeoJSON, etc.), you are probably better off using it directly.
Please use the issue tracker to report any bugs or file feature requests. You can fork this jsfiddle template to reproduce a bug, then share the URL of your fork in the GitHub issue.
FAQs
Supports adding Maplibre GL Web to a Leaflet Map as a layer
The npm package @maplibre/maplibre-gl-leaflet receives a total of 6,374 weekly downloads. As such, @maplibre/maplibre-gl-leaflet popularity was classified as popular.
We found that @maplibre/maplibre-gl-leaflet demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.