Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
TOC | web-ifc documentation | platform documentation | demo | community | npm package
web-ifc is a javascript library to read and write ifc files, at native speeds. web-ifc is part of the That Open Company project, which aims to lower the threshold for developing open BIM applications.
Although it is quite stable and fast already, web-ifc is in pre-alpha status until ifc support matures. The list of currently supported ifc elements, or level of support for different ifc types, is an undocumented work in progress.
Depending on your models, web-ifc may be quick and correct, or slow and broken. If your model does not work as expected please raise an issue and attach the model if possible, or contact us and we can discuss passing the model confidentially.
npm install web-ifc
const WebIFC = require("web-ifc/web-ifc-api.js");
// initialize the API
const ifcApi = new WebIFC.IfcAPI();
// initialize the library
await ifcApi.Init();
// open a model from data
let modelID = ifcApi.OpenModel(/* IFC data as a string or UInt8Array */, /* optional settings object */, );
// the model is now loaded! use modelID to fetch geometry or properties
// checkout examples/usage for some details on how to read/write IFC
// close the model, all memory is freed
ifcApi.CloseModel(modelID);
See examples for more details on how to use web-ifc.
The current live build of web-ifc is available here. Using this allows you to test newest fixes before we make a release. If you wish to use this version then download the zip file and place the contents of the dist folder manually into your node_modules/web-ifc folder. I.e if you are using web-ifc-three then it will be node_modules/web-ifc-three/node_modules/web-ifc. Please note you must replace the javascript and the WASM.
These are the requirements needed to build web-ifc (only for those that wish to build their own version).
We have a library of test models in the tests/public folder. If you have a model you would like to contribute please open a PR.
You can run regression tests on all these models by running npm run regression
. It will alert you if any of the sample model geometry has changed. If the change is correct you can refresh the regression tests by running npm run regression-update
.
The WASM library is built through emscripten, please see the emscripten installation guide for information on how to set up emscripten. Afterwards emsdk_env
needs to be in your path.
To build the WASM you also need CMAKE see here and (on windows) MINGW see here - once installed (and in your path) run npm run setup-mingw
to configure the environment for web-ifc.
Run npm install
to install all dependencies.
Run npm run setup-env
whenever you open a new terminal, this will set up the required emscripten environment variables for you to compile code.
Run npm run build-release
to build a release version of the wasm binary and the accompanying web-ifc api. It will be placed in ./dist
.
If you wish to build the WASM with debugging enabled you can run npm run build-debug
. This will enable you to inspect debugging information better when running web-ifc.
Run npm run dev
to launch a development server with a basic ifc file viewer.
The output of the build process consts of the following files:
Although the primary focus of the library is to be used through WebAssembly in the browser/nodejs, the project can be used stand-alone as a c++ library or executable. See here for a simple entry point to get started.
FAQs
ifc loading on the web
The npm package web-ifc receives a total of 14,975 weekly downloads. As such, web-ifc popularity was classified as popular.
We found that web-ifc demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.