Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
@planet/maps
Advanced tools
Declarative mapping components
npm install @planet/maps
Import the components you need for your map. Provide an options
prop to pass to the underlying OpenLayers constructor. Provide other props for values that you want to update with state changes.
import Map from '@planet/maps/lib/Map';
import OSM from '@planet/maps/lib/source/OSM';
import ScaleLine from '@planet/maps/lib/control/ScaleLine';
import View from '@planet/maps/lib/View';
import WebGLTile from '@planet/maps/lib/layer/WebGLTile';
function MyApp() {
return (
<Map style={{width: '100%', height: '100%'}}>
<View options={{center: [0, 0], zoom: 1}} />
<WebGLTile>
<OSM />
</WebGLTile>
<ScaleLine />
</Map>
);
}
You can also listen to any events on the map, view, controls, interactions, layers, or sources; use ref
s to get access to the underlying OpenLayers instances; and more.
React lets you build interactive UIs with (mostly) declarative syntax. OpenLayers provides an imperative API for building mapping apps. It can be awkward to map React's component API to an imperative API. However, the React team provides a package for creating custom renderers: react-reconciler
. This is how they integrate with imperative APIs themselves. The react-dom
package uses react-reconciler
to provide a mapping to the imperative DOM API. react-native
uses react-reconciler
to map to imperative native APIs.
This library provides declarative mapping components representing imperative APIs from OpenLayers.
The purpose of this project is to provide a mapping between React's declarative components and OpenLayers' imperative API. In other words, this project provides a React renderer for OpenLayers.
Here are some of the goals of this project:
options
(passed to the constructor only), listener props (e.g. onChange
), and ref
.ref
that provide access to the underlying OpenLayers instance.This project does not intend to provide any of the following:
We hope that this package can provide the foundation for other, higher-level libraries with more opinions about the look and feel of mapping components.
The development setup depends on Node 18 (most things work on 16, but not all).
Install project dependencies:
npm install
The rendering tests use Playwright for visual snapshot comparison. See the tests/rendering/readme.md
for more detail.
Other projects like react-openlayers-fiber
and react-ol-fiber
use a similar approach and provided inspiration for this project. The major difference between this project and those is that this project provides importable components for OpenLayers layers, sources, controls, and interactions. The other projects bundle all of OpenLayers in their renderer. So a simple "hello world" map with one of the existing projects is about 1.5 MB while the same with this project is about 460 KB.
FAQs
Declarative mapping components for React
The npm package @planet/maps receives a total of 1,089 weekly downloads. As such, @planet/maps popularity was classified as popular.
We found that @planet/maps demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.