Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
@turf/turf
Advanced tools
@turf/turf is a powerful geospatial analysis library for JavaScript. It provides a wide range of functions for processing and analyzing geographic data, including operations for measuring distances, calculating areas, performing spatial joins, and more. It is widely used in applications that require geospatial data manipulation and analysis.
Distance Calculation
This feature allows you to calculate the distance between two geographic points. The code sample demonstrates how to calculate the distance in miles between two points using the `distance` function.
const turf = require('@turf/turf');
const from = turf.point([-75.343, 39.984]);
const to = turf.point([-75.534, 39.123]);
const options = {units: 'miles'};
const distance = turf.distance(from, to, options);
console.log(distance);
Buffer
This feature allows you to create a buffer around a geographic point. The code sample demonstrates how to create a buffer of 500 miles around a point using the `buffer` function.
const turf = require('@turf/turf');
const point = turf.point([-90.548630, 14.616599]);
const buffered = turf.buffer(point, 500, {units: 'miles'});
console.log(buffered);
Area Calculation
This feature allows you to calculate the area of a polygon. The code sample demonstrates how to calculate the area of a polygon using the `area` function.
const turf = require('@turf/turf');
const polygon = turf.polygon([[
[-67.13734, 45.13745],
[-66.96466, 44.8097],
[-68.03252, 44.3252],
[-69.06, 43.98],
[-70.11617, 43.68405],
[-70.64573, 43.09008],
[-70.75102, 43.08003],
[-70.79761, 43.21973],
[-70.98176, 43.36789],
[-70.94416, 43.46633],
[-71.08482, 45.30524],
[-70.66002, 45.46022],
[-70.30495, 45.91479],
[-70.00014, 46.69317],
[-69.23708, 47.44777],
[-68.90478, 47.18479],
[-68.2343, 47.35462],
[-67.79035, 47.06624],
[-67.79141, 45.70258],
[-67.13734, 45.13745]
]]);
const area = turf.area(polygon);
console.log(area);
Intersect
This feature allows you to find the intersection of two polygons. The code sample demonstrates how to find the intersection of two polygons using the `intersect` function.
const turf = require('@turf/turf');
const poly1 = turf.polygon([[
[-122.801742, 45.48565],
[-122.801742, 45.60491],
[-122.584762, 45.60491],
[-122.584762, 45.48565],
[-122.801742, 45.48565]
]]);
const poly2 = turf.polygon([[
[-122.520217, 45.535693],
[-122.64038, 45.553967],
[-122.720031, 45.526554],
[-122.669906, 45.507309],
[-122.723464, 45.446643],
[-122.532577, 45.408574],
[-122.487258, 45.477466],
[-122.520217, 45.535693]
]]);
const intersection = turf.intersect(poly1, poly2);
console.log(intersection);
Geolib is a library to provide basic geospatial operations like distance calculation, bounding box, and more. It is simpler and more lightweight compared to @turf/turf, but it does not offer as many advanced geospatial analysis functions.
JSTS is a JavaScript library of spatial predicates and functions for processing geometry. It is based on the Java Topology Suite (JTS). JSTS provides more advanced and robust geometric operations compared to @turf/turf, but it can be more complex to use.
Leaflet is a leading open-source JavaScript library for mobile-friendly interactive maps. While it is primarily focused on rendering maps and providing map-related functionalities, it also includes some basic geospatial analysis features. It is not as comprehensive as @turf/turf in terms of geospatial analysis.
Turf is a modular geospatial analysis engine written in JavaScript. It performs geospatial processing tasks with GeoJSON data and can be run on a server or in a browser.
This module is part of the Turfjs project, an open source module collection dedicated to geographic algorithms. It is maintained in the Turfjs/turf repository, where you can create PRs and issues.
Install this module individually:
$ npm install @turf/turf
Or install the Turf module that includes it as a function:
$ npm install @turf/turf
FAQs
a JavaScript library for performing geospatial operations with GeoJSON
We found that @turf/turf demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 9 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.