Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
svelte-maplibre
Advanced tools
Svelte wrapper for the maplibre mapping library.
This library is functional, but I'm still experimenting with extra features to make advanced functionality easier to use. It also needs proper documentation. In the meantime, the demo site includes code for all the examples, and is a good place to start.
npm install svelte-maplibre
<script>
import { MapLibre } from 'svelte-maplibre';
</script>
<MapLibre
center={[50,20]}
zoom={7}
class="map"
standardControls
style="https://basemaps.cartocdn.com/gl/positron-gl-style/style.json" />
<style>
:global(.map) {
height: 500px;
}
</style>
You should create a .env
file to configure the environment. See the .env.example
file for the
necessary settings.
Currently the only environment variable is a MapTiler API key, required for the 3D Buildings example. If you don't have one, you can set this to a blank value to use the other examples.
Logo created by Bruce Wayyn
FAQs
Svelte bindings for MapLibre
The npm package svelte-maplibre receives a total of 7,595 weekly downloads. As such, svelte-maplibre popularity was classified as popular.
We found that svelte-maplibre demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.