Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Carto Config Customizer is a very simple tool for customizing layers values of a `.mml` config file
Very simple tool for customizing layers values of a .mml
config file.
Warning: it's experimental and work in progress.
npm intall cartocc
For example, you may want to customize the database connection or some shp file path.
CartoCC makes it very simple. You just create some rules, stored in a json file, applying to layers fields. Each rule define some values to set to a layer if some field has some value.
Example of rules:
[
{
"if": {
"Datasource.type": "postgis"
},
"then": {
"Datasource.dbname": "osm2",
"Datasource.host": "localhost2",
"Datasource.password": "blahblah"
}
},
{
"if": {
"class": "shp"
},
"then": {
"Datasource.file": "/data/{id}.shp"
}
}
]
You can also have multiple conditions (which are ANDed):
[
{
"if": {
"geometry": "multipolygon",
"class": "bigdata"
},
"then": {
"Datasource.dbname": "anotherdb",
"Datasource.host": "hostforbigqueries",
"Datasource.password": "123456"
}
}
]
You can also test on an array of values (which are ORed):
[
{
"if": {
"id": ["id1", "id2"]
},
"then": {
"Datasource.dbname": "anotherdb",
"Datasource.host": "anotherhost",
"Datasource.password": "123456"
}
}
]
You can use dynamic properties of the layer in the final value (this will use Layer.id in the final path):
[
{
"if": {
"Datasource.type": "shape"
},
"then": {
"Datasource.file": "/data/{id}/{id}.shp"
}
}
]
Notes:
Layer
. You can use a path as field reference.
For example, Datasource.type
will look for the field type
of Layer.Datasource
.Then run the script from command line to get the customized .mml
file:
cartocc <path-to-project.mml> <path-to-custom-rules.json> > local_project.mml
When using TileMill in a collaborative workflow, the commits involving the .mml file
can be polluted by changes related to local configuration. To avoid this, here is a suggested workflow.
Important limitation to notice: it will not be possible to use TileMill itself for managing the .mml
file.
.mml
a <project-name>.mml
file; only this one must be versionned (TileMill defaults to <project-name>.mml
in case project.mml
is missing)cartocc.json
located in your project root to store the rules.cartocc <project-name>
; this will generate a project.mml
file in the project root, which will be used by TileMill; this file must not be committed.FAQs
Carto Config Customizer is a very simple tool for customizing layers values of a `.mml` config file
The npm package cartocc receives a total of 6 weekly downloads. As such, cartocc popularity was classified as not popular.
We found that cartocc demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.