Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
D3.js (or just D3 for Data-Driven Documents) is a JavaScript library for producing dynamic, interactive data visualizations in web browsers. It helps in manipulating documents based on data and uses HTML, SVG, and CSS to bring data to life. D3's emphasis on web standards gives you the full capabilities of modern browsers without tying yourself to a proprietary framework.
Data Binding
D3 allows you to bind data to the DOM (Document Object Model), and then apply data-driven transformations to the document. In this code sample, we select paragraph elements and bind them to an array of numbers, setting their text content to the bound data.
const data = [1, 2, 3, 4];
const p = d3.select('body').selectAll('p').data(data).text(d => d);
Creating and Manipulating SVG
D3 can create and manipulate SVG elements for complex visualizations. This code sample creates an SVG element and appends a blue circle to it.
const svg = d3.select('body').append('svg').attr('width', 100).attr('height', 100);
svg.append('circle').attr('cx', 50).attr('cy', 50).attr('r', 40).style('fill', 'blue');
Dynamic Properties and Transitions
D3 makes it easy to apply dynamic styles and transitions to elements. Here, all circles in the document are transitioned to a red fill color over 750 milliseconds.
d3.selectAll('circle').transition().duration(750).style('fill', 'red');
Data-Driven Document Transformations
D3 can load external data sources like CSV files and use them to drive document transformations. In this example, data from a CSV file is used to create and append paragraph elements to the body of the document.
d3.csv('data.csv').then(data => {
d3.select('body').selectAll('p').data(data).enter().append('p').text(d => d.value);
});
Interactivity and Event Handling
D3 provides powerful event handling for interactive visualizations. This code sample adds a click event listener to all paragraph elements, changing their background color to yellow when clicked.
d3.select('body').selectAll('p').on('click', function(event, d) {
d3.select(this).style('background-color', 'yellow');
});
Chart.js is a simple yet flexible JavaScript charting library. It provides a variety of chart types and is easy to use, but it is less customizable and has fewer features for complex visualizations compared to D3.
Highcharts is a charting library written in pure JavaScript, offering an easy way of adding interactive charts to your web site or web application. Highcharts is more focused on charting and less on arbitrary graphics or complex data-driven transformations than D3.
C3 is a D3-based reusable chart library that enables deeper integration of charts into web applications. It simplifies the process of creating charts by providing a layer of abstraction over D3, but it is less flexible for creating highly customized visualizations.
Vega is a visualization grammar, a declarative language for creating, saving, and sharing interactive visualization designs. It can be seen as a higher-level visualization tool that abstracts away much of the complexity of D3, but with less direct control over the final output.
D3.js is a JavaScript library for manipulating documents based on data. D3 helps you bring data to life using HTML, SVG, and CSS. D3 emphasizes web standards and combines powerful visualization components with a data-driven approach to DOM manipulation, giving you the full capabilities of modern browsers without tying yourself to a proprietary framework.
Want to learn more? See the wiki.
For examples, see the gallery and mbostock’s bl.ocks.
The next major release of D3, 4.0, is coming! See the 4.0 development branch and read the new API reference to get ready.
FAQs
Data-Driven Documents
We found that d3 demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.