Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
vim-webgl-viewer
Advanced tools
A high-performance 3D viewer and VIM file loader built on top of Three.JS.
https://vimaec.github.io/vim-webgl-viewer/api/
The VIM WebGL Viewer is an open-source high-performance 3D model viewer built on top of the popular Three.JS WebGL framework that specializes in loading extremely large AEC (Architectural/Engineering/Construction) models represented as VIM files.
The VIM WebGL viewer combines the Three.JS library with several common loaders and utilities, to reduce boilerplate code. It can be simply included via script tags or consumed using esm imports.
The VIM file format is a high-performance 3D scene format that supports rich BIM data, and can be easily extended to support other relational or non-relation data sets.
Unlike IFC the VIM format is already tessellated, and ready to render. This results in very fast load times. Unlike glTF the VIM format is faster to load, scales better, and has a consistent structure for relational BIM data.
More information on the vim format can be found here: https://github.com/vimaec/vim
Virtually the simplest usage of the VIM viewer is the following example:
<html>
<head>
<title>VIM Viewer</title>
</head>
<body>
<script src="https://unpkg.com/three@0.133.1/build/three.min.js"></script>
<script src="https://unpkg.com/vim-webgl-viewer"></script>
<script>
const viewer = new vim.Viewer()
viewer.loadVim(
'https://vim.azureedge.net/samples/residence.vim',
{
rotation: { x: 270, y: 0, z: 0 },
}
)
</script>
</body>
</html>
npm install
to install all dependenciesnpm run dev
to launch a dev-server and watch for changedocs
- this is the root folder for the GitHub page at https://vimaec.github.io/vim-webgl-viewer
. The docs\index.html
file is meant demo the latest stable patch release, while the docs\index-dev.html
Is meant to test the latest dev release.src
- contains the TypeScript source code for the viewer and loader.dist
- created by running the build script for creating a
distributable package. It contains five items after running the build
script:
dist\vim-webgl-viewer.es.js
- an EcmaScript moduledist\vim-webgl-viewer.es.js.map
- Typescript source map file map for the EcmaScript moduledist\vim-webgl-viewer.iife.js
- an immediately-invocable function expression (IIFE) intended for consumption from a web-pagedist\vim-webgl-viewer.iife.js.map
- Typescript source map file map for the IIFEtypes\
- A folder containing Typescript type declarations for the package.npm run dev
npm login
git status
is cleannpm run release-dev
to create a pre-release NPM package.docs/index-dev.html
to use the newly published package.npm run serve-docs
to test the npm dev package locally.main
.https://vimaec.github.io/vim-webgl-viewer/index-dev.html
npm login
npm run release-patch
to create a patch release NPM package.docs/index.html
to use the newly published package.docs/index.html
to main
.https://vimaec.github.io/vim-webgl-viewer/index.html
is working as expected.The following scripts are defined in the package.json, and can each be
executed from within VSCode by right-clicking the script name, or from the
command line by writing npm run <script-name>
where <script-name>
is the name of the script.
dev
- launch a dev environment using Vitebuild
- compiles an IIFE JavaScript module and ES module using Vite and the configuration file, placing the output in the dist
folder.bump-dev
- increments the pre-release version of the NPM package, with the id dev
. This will update the package.json
version number with a pre-release tag and number value (e.g. 1.0.0-dev.42). It will also create corresponding tag and commit it to Git.publish-dev
- publishes the current package to NPM with a dev
tag, as opposed to the default tag latest
.serve-docs
- launches a web-server with the docs folder as the root folder, for testing a published NPM packages (tagged develop or latest) locallyrelease-patch
- Increments the patch number and publishes an NPM package using the default tag (@latest
). Intended to be called from the main
branch only after the pre-release package has been created and tested.release-dev
- Increments the prerelease number and publishes an NPM prerelease package using the @dev
tag. Intended to be called from the main
branch after the features has been tested and built locally.eslint
- Runs eslint and reports all syntactic inconsistencies.documentation
- Generates api documentation at docs/api
.declarations
- Generates typescript declrations at dist/types
.The distributable files do not contain the underlying source for Three.JS to avoid duplication. Please include Three.JS on your own.
W/Up: Move camera forward
A/Left: Move camera to the left
S/Down: Move camera backward
D/Right: Move camera to the right
E: Move camera up
Q: Move camera down
Shift + direction: faster camera movement
+: Increase camera speed
-: Decrease camera speed
F8: Toggle orbit mode
Home: Look at model
Escape: Clear selection
Z: Look at selection
Hold left click + Move mouse: Tilt/Pan camera
Hold right click + Move mouse: Truck/Pedestal camera
Mouse wheel: Dolly Camera
Left click: Select object
Ctrl + Mouse wheel: Increase/Decrease camera speed
One Finger swipe: Tilt/Pan camera
Two Finger swipe: Truck/Pedestal camera
Two Finger pinch/spread: Dolly Camera
(https://blog.storyblocks.com/video-tutorials/7-basic-camera-movements/)
The Viewer
provides methods to load and unload Vim
s.
Object
is the highest level api and acts as a bridge between BIM
, G3d
and THREE
objects
A Vim
contains a Document
which contains the raw BIM
and g3d
information parsed from the file.
A Vim
contains the Settings
used when loading was called.
A Vim
contains a Scene
which contains the generated THREE objects to render the Vim
.
All raw G3d
and BIM
data is stored using the BFast
format.
mesh.ts
Takes G3d
data and THREE.BufferGeometry
and generates THREE.Mesh
s.
geometry.ts
Takes G3d
and generates THREE.BufferGeometry
Frame camera on an element
const vim = viewer.vims[0] // or keep vim reference from load
const object = vim.getObjectFromElementId(ELEMENT_ID)
viewer.camera.frame(object)
Highlight an element
const vim = viewer.vims[0] // or keep vim reference from load
const object = vim.getObjectFromElementId(ELEMENT_ID)
const wireframe = object.createWireframe()
this.viewer.renderer.add(wireframe)
// To remove hightlight
// this.viewer.renderer.removeObject(wireframe)
// wireframe.geometry.dispose()
Change Color of an element
const vim = viewer.vims[0] // or keep vim reference from load
const object = vim.getObjectFromElementId(ELEMENT_ID)
object.color = new THREE.Color(1,0,0)
// Revert to original color
// object.color = undefined
Replace or add behavior on click
// Capture default behavior
const defaultClick = viewer.onMouseClick.bind(viewer)
// Override the onClick callback
viewer.onMouseClick = (hit) => {
// Call the default behavior
defaultClick(hit)
// Add extra logic here
console.log('My extra behaviour with this entity')
console.log(hit.object.getBimElement())
}
Load from a custom http request
// Make request as usual
const xhr = new XMLHttpRequest()
// Specify response type ArrayBuffer
xhr.responseType = 'arraybuffer'
xhr.open('GET', url)
xhr.send()
xhr.onload = () => {
// Load vim by passing the array buffer
viewer.loadVim(xhr.response, {
rotation: { x: 270, y: 0, z: 0 }
})
}
FAQs
A high-performance 3D viewer and VIM file loader built on top of Three.JS.
The npm package vim-webgl-viewer receives a total of 237 weekly downloads. As such, vim-webgl-viewer popularity was classified as not popular.
We found that vim-webgl-viewer demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.