{"id":8230,"date":"2018-02-16T07:44:27","date_gmt":"2018-02-16T12:44:27","guid":{"rendered":"https:\/\/rud.is\/b\/?p=8230"},"modified":"2018-03-10T08:01:08","modified_gmt":"2018-03-10T13:01:08","slug":"pym-js-library-vulnerability-in-widgetframe-package","status":"publish","type":"post","link":"https:\/\/rud.is\/b\/2018\/02\/16\/pym-js-library-vulnerability-in-widgetframe-package\/","title":{"rendered":"Pym.js Library Vulnerability in widgetframe Package"},"content":{"rendered":"<h2>What&#8217;s Up?<\/h2>\n<p>The NPR Visuals Team created and maintains a <a href=\"http:\/\/blog.apps.npr.org\/pym.js\/\">javascript library<\/a> that makes it super easy to embed iframes on web pages and have said documents still be responsive.<\/p>\n<p>The <a href=\"https:\/\/cran.r-project.org\/web\/packages\/widgetframe\/index.html\"><code>widgetframe<\/code><\/a> R htmlwidget uses <code>pym.js<\/code> to bring this (much needed) functionality into widgets and (eventually) shiny apps.<\/p>\n<p>NPR <a href=\"http:\/\/blog.apps.npr.org\/2018\/02\/15\/pym-security-vulnerability.html\">reported<\/a> a <strong>critical<\/strong> vulnerability in this library on February 15th, 2018 with no details (said details will be coming next week).<\/p>\n<p>Per NPR&#8217;s guidance, <strong>any production code using pym.js needs to be pulled or updated to use this new library<\/strong>.<\/p>\n<p>I created <a href=\"https:\/\/github.com\/bhaskarvk\/widgetframe\/issues\/12\">an issue<\/a> &amp; pushed up a <a href=\"https:\/\/github.com\/bhaskarvk\/widgetframe\/pull\/13\">PR<\/a> that incorporates the new version. NOTE that the YAML config file in the existing CRAN package and GitHub dev version incorrectly has 1.3.2 as the version (it&#8217;s really the 1.3.1 dev version).<\/p>\n<p>A look at the diff:<br \/>\n<a href=\"https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2018\/02\/Screenshot-2018-2-16-Updated-pym-js-to-1-3-2-it-was-1-3-1-tho-the-yaml-said-1-3-2-by-hrbrmstr-%C2%B7-Pull-Request-13-%C2%B7-bhaska....png?ssl=1\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" data-attachment-id=\"8231\" data-permalink=\"https:\/\/rud.is\/b\/2018\/02\/16\/pym-js-library-vulnerability-in-widgetframe-package\/screenshot-2018-2-16-updated-pym-js-to-1-3-2-it-was-1-3-1-tho-the-yaml-said-1-3-2-by-hrbrmstr-%c2%b7-pull-request-13-%c2%b7-bhaska\/\" data-orig-file=\"https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2018\/02\/Screenshot-2018-2-16-Updated-pym-js-to-1-3-2-it-was-1-3-1-tho-the-yaml-said-1-3-2-by-hrbrmstr-%C2%B7-Pull-Request-13-%C2%B7-bhaska....png?fit=1530%2C358&amp;ssl=1\" data-orig-size=\"1530,358\" data-comments-opened=\"1\" data-image-meta=\"{&quot;aperture&quot;:&quot;0&quot;,&quot;credit&quot;:&quot;&quot;,&quot;camera&quot;:&quot;&quot;,&quot;caption&quot;:&quot;&quot;,&quot;created_timestamp&quot;:&quot;0&quot;,&quot;copyright&quot;:&quot;&quot;,&quot;focal_length&quot;:&quot;0&quot;,&quot;iso&quot;:&quot;0&quot;,&quot;shutter_speed&quot;:&quot;0&quot;,&quot;title&quot;:&quot;&quot;,&quot;orientation&quot;:&quot;0&quot;}\" data-image-title=\"Screenshot-2018-2-16 Updated pym js to 1 3 2 (it was 1 3 1 tho the yaml said 1 3 2) by hrbrmstr \u00b7 Pull Request #13 \u00b7 bhaska[&amp;#8230;]\" data-image-description=\"\" data-image-caption=\"\" data-medium-file=\"https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2018\/02\/Screenshot-2018-2-16-Updated-pym-js-to-1-3-2-it-was-1-3-1-tho-the-yaml-said-1-3-2-by-hrbrmstr-%C2%B7-Pull-Request-13-%C2%B7-bhaska....png?fit=300%2C70&amp;ssl=1\" data-large-file=\"https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2018\/02\/Screenshot-2018-2-16-Updated-pym-js-to-1-3-2-it-was-1-3-1-tho-the-yaml-said-1-3-2-by-hrbrmstr-%C2%B7-Pull-Request-13-%C2%B7-bhaska....png?fit=510%2C119&amp;ssl=1\" src=\"https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2018\/02\/Screenshot-2018-2-16-Updated-pym-js-to-1-3-2-it-was-1-3-1-tho-the-yaml-said-1-3-2-by-hrbrmstr-%C2%B7-Pull-Request-13-%C2%B7-bhaska....png?resize=510%2C119&#038;ssl=1\" alt=\"\" width=\"510\" height=\"119\" class=\"aligncenter size-full wp-image-8231\" \/><\/a><\/p>\n<p>suggest that the library was not performing URL sanitization (and now is).<\/p>\n<h2>Watch Out For Standalone Docs<\/h2>\n<p>Any R markdown docs compiled in &#8220;standalone&#8221; mode will need to be recompiled and re-published as the vulnerable <code>pym.js<\/code> library comes along for the ride in those documents.<\/p>\n<p>Regardless of &#8220;standalone mode&#8221;, if you used <code>widgetframe<\/code> in any context, including:<\/p>\n<ul>\n<li><a href=\"https:\/\/rmarkdown.rstudio.com\/flexdashboard\/\">Flex Dashboard<\/a><\/li>\n<li><a href=\"rmarkdown.rstudio.com\">RMarkdown<\/a> + <span class=\"removed_link\" title=\"yihui.name\/knitr\/\">knitr<\/span><\/li>\n<li><a href=\"https:\/\/rmarkdown.rstudio.com\/lesson-13.html\">RMarkdown Website<\/a><\/li>\n<li><a href=\"https:\/\/slides.yihui.name\/xaringan\/\">Xaringan Presentations<\/a> (and other html-based R pres)<\/li>\n<li><a href=\"https:\/\/bookdown.org\/home\/\">Bookdown<\/a> gitbook<\/li>\n<li><a href=\"https:\/\/github.com\/rstudio\/blogdown\/\">blogdown<\/a><\/li>\n<\/ul>\n<p>anything created is vulnerable regardless of standalone compilation or not.<\/p>\n<h2>FIN<\/h2>\n<p>Once the final details are released I&#8217;ll update this post and may do a new post. Until then:<\/p>\n<ul>\n<li>check if you&#8217;ve used <code>widgetframe<\/code> (directly or indirectly)<\/li>\n<li>REMOVE ALL VULNERABLE DOCS from RPubs, GitHub pages, your web site (etc) today<\/li>\n<li>regenerate all standalone documents ASAP<\/li>\n<li>regenerate your blogs, books, dashboards, etc ASAP with the patched code; DO THIS FOR INTERNAL as well as internet-facing content.<\/li>\n<li>monitor this space<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>What&#8217;s Up? The NPR Visuals Team created and maintains a javascript library that makes it super easy to embed iframes on web pages and have said documents still be responsive. The widgetframe R htmlwidget uses pym.js to bring this (much needed) functionality into widgets and (eventually) shiny apps. NPR reported a critical vulnerability in this [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"activitypub_content_warning":"","activitypub_content_visibility":"","activitypub_max_image_attachments":3,"activitypub_interaction_policy_quote":"anyone","activitypub_status":"","footnotes":""},"categories":[681,765,91],"tags":[810],"class_list":["post-8230","post","type-post","status-publish","format-standard","hentry","category-cybersecurity","category-htmlwidgets","category-r","tag-post"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.2 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Pym.js Library Vulnerability in widgetframe Package - rud.is<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/rud.is\/b\/2018\/02\/16\/pym-js-library-vulnerability-in-widgetframe-package\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Pym.js Library Vulnerability in widgetframe Package - rud.is\" \/>\n<meta property=\"og:description\" content=\"What&#8217;s Up? The NPR Visuals Team created and maintains a javascript library that makes it super easy to embed iframes on web pages and have said documents still be responsive. The widgetframe R htmlwidget uses pym.js to bring this (much needed) functionality into widgets and (eventually) shiny apps. NPR reported a critical vulnerability in this [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/rud.is\/b\/2018\/02\/16\/pym-js-library-vulnerability-in-widgetframe-package\/\" \/>\n<meta property=\"og:site_name\" content=\"rud.is\" \/>\n<meta property=\"article:published_time\" content=\"2018-02-16T12:44:27+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2018-03-10T13:01:08+00:00\" \/>\n<meta name=\"author\" content=\"hrbrmstr\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"hrbrmstr\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/rud.is\/b\/2018\/02\/16\/pym-js-library-vulnerability-in-widgetframe-package\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/rud.is\/b\/2018\/02\/16\/pym-js-library-vulnerability-in-widgetframe-package\/\"},\"author\":{\"name\":\"hrbrmstr\",\"@id\":\"https:\/\/rud.is\/b\/#\/schema\/person\/d7cb7487ab0527447f7fda5c423ff886\"},\"headline\":\"Pym.js Library Vulnerability in widgetframe Package\",\"datePublished\":\"2018-02-16T12:44:27+00:00\",\"dateModified\":\"2018-03-10T13:01:08+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/rud.is\/b\/2018\/02\/16\/pym-js-library-vulnerability-in-widgetframe-package\/\"},\"wordCount\":291,\"commentCount\":1,\"publisher\":{\"@id\":\"https:\/\/rud.is\/b\/#\/schema\/person\/d7cb7487ab0527447f7fda5c423ff886\"},\"keywords\":[\"post\"],\"articleSection\":[\"Cybersecurity\",\"htmlwidgets\",\"R\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/rud.is\/b\/2018\/02\/16\/pym-js-library-vulnerability-in-widgetframe-package\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/rud.is\/b\/2018\/02\/16\/pym-js-library-vulnerability-in-widgetframe-package\/\",\"url\":\"https:\/\/rud.is\/b\/2018\/02\/16\/pym-js-library-vulnerability-in-widgetframe-package\/\",\"name\":\"Pym.js Library Vulnerability in widgetframe Package - rud.is\",\"isPartOf\":{\"@id\":\"https:\/\/rud.is\/b\/#website\"},\"datePublished\":\"2018-02-16T12:44:27+00:00\",\"dateModified\":\"2018-03-10T13:01:08+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/rud.is\/b\/2018\/02\/16\/pym-js-library-vulnerability-in-widgetframe-package\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/rud.is\/b\/2018\/02\/16\/pym-js-library-vulnerability-in-widgetframe-package\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/rud.is\/b\/2018\/02\/16\/pym-js-library-vulnerability-in-widgetframe-package\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/rud.is\/b\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Pym.js Library Vulnerability in widgetframe Package\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/rud.is\/b\/#website\",\"url\":\"https:\/\/rud.is\/b\/\",\"name\":\"rud.is\",\"description\":\"&quot;In God we trust. All others must bring data&quot;\",\"publisher\":{\"@id\":\"https:\/\/rud.is\/b\/#\/schema\/person\/d7cb7487ab0527447f7fda5c423ff886\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/rud.is\/b\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":[\"Person\",\"Organization\"],\"@id\":\"https:\/\/rud.is\/b\/#\/schema\/person\/d7cb7487ab0527447f7fda5c423ff886\",\"name\":\"hrbrmstr\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2023\/10\/ukr-shield.png?fit=460%2C460&ssl=1\",\"url\":\"https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2023\/10\/ukr-shield.png?fit=460%2C460&ssl=1\",\"contentUrl\":\"https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2023\/10\/ukr-shield.png?fit=460%2C460&ssl=1\",\"width\":460,\"height\":460,\"caption\":\"hrbrmstr\"},\"logo\":{\"@id\":\"https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2023\/10\/ukr-shield.png?fit=460%2C460&ssl=1\"},\"description\":\"Don't look at me\u2026I do what he does \u2014 just slower. #rstats avuncular \u2022 ?Resistance Fighter \u2022 Cook \u2022 Christian \u2022 [Master] Chef des Donn\u00e9es de S\u00e9curit\u00e9 @ @rapid7\",\"sameAs\":[\"http:\/\/rud.is\"],\"url\":\"https:\/\/rud.is\/b\/author\/hrbrmstr\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Pym.js Library Vulnerability in widgetframe Package - rud.is","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/rud.is\/b\/2018\/02\/16\/pym-js-library-vulnerability-in-widgetframe-package\/","og_locale":"en_US","og_type":"article","og_title":"Pym.js Library Vulnerability in widgetframe Package - rud.is","og_description":"What&#8217;s Up? The NPR Visuals Team created and maintains a javascript library that makes it super easy to embed iframes on web pages and have said documents still be responsive. The widgetframe R htmlwidget uses pym.js to bring this (much needed) functionality into widgets and (eventually) shiny apps. NPR reported a critical vulnerability in this [&hellip;]","og_url":"https:\/\/rud.is\/b\/2018\/02\/16\/pym-js-library-vulnerability-in-widgetframe-package\/","og_site_name":"rud.is","article_published_time":"2018-02-16T12:44:27+00:00","article_modified_time":"2018-03-10T13:01:08+00:00","author":"hrbrmstr","twitter_card":"summary_large_image","twitter_misc":{"Written by":"hrbrmstr","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/rud.is\/b\/2018\/02\/16\/pym-js-library-vulnerability-in-widgetframe-package\/#article","isPartOf":{"@id":"https:\/\/rud.is\/b\/2018\/02\/16\/pym-js-library-vulnerability-in-widgetframe-package\/"},"author":{"name":"hrbrmstr","@id":"https:\/\/rud.is\/b\/#\/schema\/person\/d7cb7487ab0527447f7fda5c423ff886"},"headline":"Pym.js Library Vulnerability in widgetframe Package","datePublished":"2018-02-16T12:44:27+00:00","dateModified":"2018-03-10T13:01:08+00:00","mainEntityOfPage":{"@id":"https:\/\/rud.is\/b\/2018\/02\/16\/pym-js-library-vulnerability-in-widgetframe-package\/"},"wordCount":291,"commentCount":1,"publisher":{"@id":"https:\/\/rud.is\/b\/#\/schema\/person\/d7cb7487ab0527447f7fda5c423ff886"},"keywords":["post"],"articleSection":["Cybersecurity","htmlwidgets","R"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/rud.is\/b\/2018\/02\/16\/pym-js-library-vulnerability-in-widgetframe-package\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/rud.is\/b\/2018\/02\/16\/pym-js-library-vulnerability-in-widgetframe-package\/","url":"https:\/\/rud.is\/b\/2018\/02\/16\/pym-js-library-vulnerability-in-widgetframe-package\/","name":"Pym.js Library Vulnerability in widgetframe Package - rud.is","isPartOf":{"@id":"https:\/\/rud.is\/b\/#website"},"datePublished":"2018-02-16T12:44:27+00:00","dateModified":"2018-03-10T13:01:08+00:00","breadcrumb":{"@id":"https:\/\/rud.is\/b\/2018\/02\/16\/pym-js-library-vulnerability-in-widgetframe-package\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/rud.is\/b\/2018\/02\/16\/pym-js-library-vulnerability-in-widgetframe-package\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/rud.is\/b\/2018\/02\/16\/pym-js-library-vulnerability-in-widgetframe-package\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/rud.is\/b\/"},{"@type":"ListItem","position":2,"name":"Pym.js Library Vulnerability in widgetframe Package"}]},{"@type":"WebSite","@id":"https:\/\/rud.is\/b\/#website","url":"https:\/\/rud.is\/b\/","name":"rud.is","description":"&quot;In God we trust. All others must bring data&quot;","publisher":{"@id":"https:\/\/rud.is\/b\/#\/schema\/person\/d7cb7487ab0527447f7fda5c423ff886"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/rud.is\/b\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":["Person","Organization"],"@id":"https:\/\/rud.is\/b\/#\/schema\/person\/d7cb7487ab0527447f7fda5c423ff886","name":"hrbrmstr","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2023\/10\/ukr-shield.png?fit=460%2C460&ssl=1","url":"https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2023\/10\/ukr-shield.png?fit=460%2C460&ssl=1","contentUrl":"https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2023\/10\/ukr-shield.png?fit=460%2C460&ssl=1","width":460,"height":460,"caption":"hrbrmstr"},"logo":{"@id":"https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2023\/10\/ukr-shield.png?fit=460%2C460&ssl=1"},"description":"Don't look at me\u2026I do what he does \u2014 just slower. #rstats avuncular \u2022 ?Resistance Fighter \u2022 Cook \u2022 Christian \u2022 [Master] Chef des Donn\u00e9es de S\u00e9curit\u00e9 @ @rapid7","sameAs":["http:\/\/rud.is"],"url":"https:\/\/rud.is\/b\/author\/hrbrmstr\/"}]}},"jetpack_featured_media_url":"","jetpack_shortlink":"https:\/\/wp.me\/p23idr-28K","jetpack_likes_enabled":true,"jetpack-related-posts":[{"id":4051,"url":"https:\/\/rud.is\/b\/2016\/03\/07\/os-x-xquartz-vulnerability-test-using-r\/","url_meta":{"origin":8230,"position":0},"title":"OS X XQuartz Vulnerability Test Using R","author":"hrbrmstr","date":"2016-03-07","format":false,"excerpt":"It's usually a good thing when my #rstats and infosec worlds collide. Unfortunately, this time it's a script that R folk running on OS X can use to see if they are using a version of XQuartz that has a nasty vulnerability in the framework it uses to auto-update. If\u2026","rel":"","context":"In &quot;AppSec&quot;","block_context":{"text":"AppSec","link":"https:\/\/rud.is\/b\/category\/appsec\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":3649,"url":"https:\/\/rud.is\/b\/2015\/08\/27\/coloring-and-drawing-outside-the-lines-in-ggplot\/","url_meta":{"origin":8230,"position":1},"title":"Coloring (and Drawing) Outside the Lines in ggplot","author":"hrbrmstr","date":"2015-08-27","format":false,"excerpt":"Time for another Twitter-inspired blog post this week, this time from a tweet by @JonKalodimos: Is there a way to do this in #rstats #ggplot2 https:\/\/t.co\/kxWQFlYpbB\u2014 Jonathan Kalodimos (@JonKalodimos) August 27, 2015 I had seen and appreciated Ann's post on her makeover of the main graphic in [NPR's story](http:\/\/www.npr.org\/sections\/money\/2014\/10\/21\/357629765\/when-women-stopped-coding) and\u2026","rel":"","context":"In &quot;Data Visualization&quot;","block_context":{"text":"Data Visualization","link":"https:\/\/rud.is\/b\/category\/data-visualization\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":3413,"url":"https:\/\/rud.is\/b\/2015\/05\/15\/u-s-drought-monitoring-with-hexbin-state-maps-in-r\/","url_meta":{"origin":8230,"position":2},"title":"U.S. Drought Monitoring With Hexbin State Maps in R","author":"hrbrmstr","date":"2015-05-15","format":false,"excerpt":"On the news, today, of the early stages of drought hitting the U.S. northeast states I decided to springboard off of yesterday's post and show a more practical use of hexbin state maps than the built-in (and still purpose unknown to me) \"bees\" data. The U.S. Drought Monitor site supplies\u2026","rel":"","context":"In &quot;cartography&quot;","block_context":{"text":"cartography","link":"https:\/\/rud.is\/b\/category\/cartography\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":4217,"url":"https:\/\/rud.is\/b\/2016\/03\/29\/easier-composite-u-s-choropleths-with-albersusa\/","url_meta":{"origin":8230,"position":3},"title":"Easier Composite U.S. Choropleths with albersusa","author":"hrbrmstr","date":"2016-03-29","format":false,"excerpt":"Folks who've been tracking this blog on R-bloggers probably remember [this post](https:\/\/rud.is\/b\/2014\/11\/16\/moving-the-earth-well-alaska-hawaii-with-r\/) where I showed how to create a composite U.S. map with an Albers projection (which is commonly referred to as AlbersUSA these days thanks to D3). I'm not sure why I didn't think of this earlier, but you\u2026","rel":"","context":"In &quot;cartography&quot;","block_context":{"text":"cartography","link":"https:\/\/rud.is\/b\/category\/cartography\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2016\/03\/Fullscreen_3_29_16__9_06_AM.png?fit=1200%2C747&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2016\/03\/Fullscreen_3_29_16__9_06_AM.png?fit=1200%2C747&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2016\/03\/Fullscreen_3_29_16__9_06_AM.png?fit=1200%2C747&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2016\/03\/Fullscreen_3_29_16__9_06_AM.png?fit=1200%2C747&ssl=1&resize=700%2C400 2x, https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2016\/03\/Fullscreen_3_29_16__9_06_AM.png?fit=1200%2C747&ssl=1&resize=1050%2C600 3x"},"classes":[]},{"id":3832,"url":"https:\/\/rud.is\/b\/2015\/12\/28\/world-map-panel-plots-with-ggplot2-2-0-ggalt\/","url_meta":{"origin":8230,"position":4},"title":"World Map Panel Plots with ggplot2 2.0 &#038; ggalt","author":"hrbrmstr","date":"2015-12-28","format":false,"excerpt":"James Austin (@awhstin) made some #spiffy 4-panel maps with base R graphics but also posited he didn't use ggplot2 because: \u2026ggplot2 and maps currently do not support world maps at this point, which does not give us a great overall view. That is certainly a box I would not put\u2026","rel":"","context":"In &quot;cartography&quot;","block_context":{"text":"cartography","link":"https:\/\/rud.is\/b\/category\/cartography\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2015\/12\/facetmaps.png?fit=1154%2C722&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2015\/12\/facetmaps.png?fit=1154%2C722&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2015\/12\/facetmaps.png?fit=1154%2C722&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2015\/12\/facetmaps.png?fit=1154%2C722&ssl=1&resize=700%2C400 2x, https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2015\/12\/facetmaps.png?fit=1154%2C722&ssl=1&resize=1050%2C600 3x"},"classes":[]},{"id":4335,"url":"https:\/\/rud.is\/b\/2016\/04\/13\/52vis-week-3-waste-not-want-not\/","url_meta":{"origin":8230,"position":5},"title":"52Vis Week #3 &#8211; Waste Not, Want Not","author":"hrbrmstr","date":"2016-04-13","format":false,"excerpt":"The Wall Street Journal did a project piece [a while back](http:\/\/projects.wsj.com\/waste-lands\/) in the _\"Waste Lands: America's Forgotten Nuclear Legacy\"_. They dug through [Department of Energy](http:\/\/www.lm.doe.gov\/default.aspx?id=2602) and [CDC](http:\/\/www.cdc.gov\/niosh\/ocas\/ocasawe.html) data to provide an overview of the lingering residue of this toxic time in America's past (somehow, I have to believe the fracking\u2026","rel":"","context":"In &quot;52vis&quot;","block_context":{"text":"52vis","link":"https:\/\/rud.is\/b\/category\/52vis\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2016\/04\/waste.png?fit=1200%2C983&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2016\/04\/waste.png?fit=1200%2C983&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2016\/04\/waste.png?fit=1200%2C983&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2016\/04\/waste.png?fit=1200%2C983&ssl=1&resize=700%2C400 2x, https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2016\/04\/waste.png?fit=1200%2C983&ssl=1&resize=1050%2C600 3x"},"classes":[]}],"jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/rud.is\/b\/wp-json\/wp\/v2\/posts\/8230","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/rud.is\/b\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/rud.is\/b\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/rud.is\/b\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/rud.is\/b\/wp-json\/wp\/v2\/comments?post=8230"}],"version-history":[{"count":0,"href":"https:\/\/rud.is\/b\/wp-json\/wp\/v2\/posts\/8230\/revisions"}],"wp:attachment":[{"href":"https:\/\/rud.is\/b\/wp-json\/wp\/v2\/media?parent=8230"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/rud.is\/b\/wp-json\/wp\/v2\/categories?post=8230"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/rud.is\/b\/wp-json\/wp\/v2\/tags?post=8230"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}