Security News
GitHub Removes Malicious Pull Requests Targeting Open Source Repositories
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Leaflet is a widely used open-source JavaScript library that helps you create mobile-friendly interactive maps. It provides features that allow users to embed maps into web pages, add various types of layers, markers, popups, and handle user interactions with the map.
Map Initialization
This code initializes a new map in the 'mapid' HTML element and sets the view to a specific latitude and longitude and a zoom level.
var map = L.map('mapid').setView([51.505, -0.09], 13);
Tile Layer
This code adds a tile layer to the map using OpenStreetMap tiles. It sets the maximum zoom level and adds attribution text.
L.tileLayer('https://{s}.tile.openstreetmap.org/{z}/{x}/{y}.png', {
maxZoom: 19,
attribution: '© OpenStreetMap contributors'
}).addTo(map);
Markers
This code places a marker on the map at the specified latitude and longitude.
var marker = L.marker([51.5, -0.09]).addTo(map);
Popups
This code binds a popup with some HTML content to the previously created marker and opens it.
marker.bindPopup('<b>Hello world!</b><br>I am a popup.').openPopup();
GeoJSON
This code adds a GeoJSON layer to the map. The 'geojsonData' variable should contain valid GeoJSON.
L.geoJSON(geojsonData).addTo(map);
OpenLayers is an open-source JavaScript library for displaying map data in web browsers. It provides a similar range of features to Leaflet, but it is known for being more feature-rich and customizable, which can make it more complex to use.
Mapbox GL JS is a JavaScript library that uses WebGL to render interactive maps from vector tiles and Mapbox styles. It is known for its smooth rendering capabilities and is suitable for applications that require more advanced visual effects and functionalities.
This package is a wrapper around the Google Maps API for use within React applications. It allows for the integration of Google Maps features, but it requires an API key and is not open-source like Leaflet.
Leaflet was created 11 years ago by Vladimir Agafonkin, an Ukrainian citizen living in Kyiv.
Vladimir is no longer in Kyiv, because Russian bombs are falling over the city. His family, his friends, his neighbours, thousands and thousands of absolutely wonderful people, are either seeking refuge or fighting for their lives.
The Russian occupation of Ukraine contravenes and violates several international laws, including the United Nations Charter. It is an unprovoked, unjustifiable, and despicable action that endangers countless civilians.
As Vladimir expressed a few days ago:
If you want to help, educate yourself and others on the Russian threat, follow reputable journalists, demand severe Russian sanctions and Ukrainian support from your leaders, protest war, reach out to Ukrainian friends, donate to Ukrainian charities. Just don't be silent.
Ukrainians are recommending the Come Back Alive charity. For other options, see SupportUkraineNow.org.
If an appeal to humanity doesn't work for you, I'll appeal to your egoism: the future of Ukrainian citizens is the future of Leaflet.
It is chilling to see Leaflet being used for factual reporting of the war and for coordination of humanitarian efforts in Romania and in Poland. We commend these uses of Leaflet.
If you support the actions of the Russian government (even after reading all this), do everyone else a favour and carry some seeds in your pocket.
Yours truly,
Leaflet maintainers.
Leaflet is the leading open-source JavaScript library for mobile-friendly interactive maps. Weighing just about 39 KB of gzipped JS plus 4 KB of gzipped CSS code, it has all the mapping features most developers ever need.
Leaflet is designed with simplicity, performance and usability in mind. It works efficiently across all major desktop and mobile platforms out of the box, taking advantage of HTML5 and CSS3 on modern browsers while being accessible on older ones too. It can be extended with a huge amount of plugins, has a beautiful, easy to use and well-documented API and a simple, readable source code that is a joy to contribute to.
For more info, docs and tutorials, check out the official website.
For Leaflet downloads (including the built main version), check out the download page.
We're happy to meet new contributors. If you want to get involved with Leaflet development, check out the contribution guide. Let's make the best mapping library that will ever exist, and push the limits of what's possible with online maps!
FAQs
JavaScript library for mobile-friendly interactive maps
The npm package leaflet receives a total of 900,125 weekly downloads. As such, leaflet popularity was classified as popular.
We found that leaflet demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 5 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.