Security News
Research
Supply Chain Attack on Rspack npm Packages Injects Cryptojacking Malware
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
A suite of 3D-enabled data visualization overlays, suitable for react-map-gl
deck.gl is a powerful WebGL-powered framework for visual exploratory data analysis of large datasets. It provides a suite of highly performant, customizable layers for rendering complex data visualizations on top of maps.
ScatterplotLayer
The ScatterplotLayer is used to render scatter plot points on a map. Each point can be customized with different sizes and colors.
const {DeckGL, ScatterplotLayer} = require('deck.gl');
const scatterplotLayer = new ScatterplotLayer({
id: 'scatterplot-layer',
data: [
{position: [-122.45, 37.78], size: 100},
{position: [-122.46, 37.79], size: 200}
],
getPosition: d => d.position,
getRadius: d => d.size,
getColor: [255, 0, 0]
});
const deckgl = new DeckGL({
initialViewState: {
longitude: -122.45,
latitude: 37.78,
zoom: 12
},
controller: true,
layers: [scatterplotLayer]
});
GeoJsonLayer
The GeoJsonLayer is used to render GeoJSON data. It supports features like picking, extruding, and coloring of GeoJSON polygons.
const {DeckGL, GeoJsonLayer} = require('deck.gl');
const geoJsonLayer = new GeoJsonLayer({
id: 'geojson-layer',
data: 'https://raw.githubusercontent.com/uber-common/deck.gl-data/master/examples/geojson/vancouver-blocks.json',
pickable: true,
stroked: false,
filled: true,
extruded: true,
getFillColor: [160, 160, 180, 200],
getLineColor: [255, 255, 255],
getRadius: 100,
getLineWidth: 1
});
const deckgl = new DeckGL({
initialViewState: {
longitude: -123.1,
latitude: 49.28,
zoom: 11
},
controller: true,
layers: [geoJsonLayer]
});
ArcLayer
The ArcLayer is used to render arcs between pairs of coordinates. It is useful for visualizing connections or flows between locations.
const {DeckGL, ArcLayer} = require('deck.gl');
const arcLayer = new ArcLayer({
id: 'arc-layer',
data: [
{source: [-122.45, 37.78], target: [-122.46, 37.79]},
{source: [-122.46, 37.79], target: [-122.47, 37.80]}
],
getSourcePosition: d => d.source,
getTargetPosition: d => d.target,
getSourceColor: [0, 128, 200],
getTargetColor: [255, 0, 0],
getWidth: 2
});
const deckgl = new DeckGL({
initialViewState: {
longitude: -122.45,
latitude: 37.78,
zoom: 12
},
controller: true,
layers: [arcLayer]
});
Leaflet is a popular open-source JavaScript library for mobile-friendly interactive maps. It is lightweight and easy to use, but it does not offer the same level of performance and customization for large datasets as deck.gl.
Mapbox GL JS is a powerful library for interactive, customizable vector maps. It offers high performance and a wide range of features, but it is more focused on map rendering and less on data visualization compared to deck.gl.
Three.js is a JavaScript library for creating 3D graphics in the browser. While it is highly versatile and powerful for 3D rendering, it requires more effort to set up and use for data visualization compared to deck.gl.
npm install --save luma.gl deck.gl
Provides tested, highly performant layers for basic data visualization use cases, scatterplots, choropleths etc in 2 and 3 dimensions.
import DeckGL from 'deck.gl/react';
import {ArcLayer} from 'deck.gl';
const flights = new ArcLayer({
id: 'flights',
data: [] // Some flight points
});
<DeckGL width={1920} height={1080} layers={[flights]} />
Take a look at the docs website or browse the docs folder.
npm install
npm test
npm start
Note: Building deck.gl (not importing) has a dependency on node version 0.12 or higher. If you use an older version, you can install a node version manager like nvm and use a separate shell to install and build deck.gl.
npm install -g nvm && nvm install 0.12 && nvm use 0.122
PRs and bug reports are welcome. Note that you once you open a PR your will be asked to register as a contributor by filling in a small form.
FAQs
A suite of 3D-enabled data visualization overlays, suitable for react-map-gl
We found that deck.gl demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 10 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.
Security News
Sonar’s acquisition of Tidelift highlights a growing industry shift toward sustainable open source funding, addressing maintainer burnout and critical software dependencies.