Mapshaper

Browser-based tool for editing, simplifying, and converting geographic data. All processing happens locally — your shapefiles never leave your machine.

Data & analysis

Open source

Strong

https://mapshaper.org · Reviewed 2026-04-02 · Editorial assessment by Mike Schneider — not an independent security audit

What should journalists know about Mapshaper?

Mapshaper is the tool newsroom graphics teams actually use. Built by Matthew Bloch, a graphics editor at The New York Times (MS in GIS/Cartography from UW-Madison), it does one family of tasks extremely well: simplify, convert, filter, dissolve, clip, and join geographic data. The killer feature is topologically-aware simplification — shared polygon borders stay aligned as you reduce detail, which QGIS's built-in simplify does not guarantee. In testing, Mapshaper's dissolve runs many times faster than QGIS or GRASS. The interactive simplification slider in the browser UI lets you drag to see exactly where detail drops off, which is something no desktop GIS matches for speed of iteration. All processing is client-side JavaScript — nothing uploads to any server, even on the public mapshaper.org site. The CLI (npm install -g mapshaper) supports batch pipelines and scripted workflows, and a mapshaper-xl variant allocates extra heap for large files. R users get rmapshaper on CRAN; QGIS users can install the qmapshaper plugin to call Mapshaper's algorithms from inside QGIS. With 3,400+ GitHub stars and active commits, this is mature, trusted infrastructure for geographic data work.

Best for

Simplifying shapefiles for web maps (reducing 50MB Census files to 500KB). Converting between Shapefile, GeoJSON, TopoJSON, CSV, KML, and SVG. Dissolving, clipping, joining, and filtering geographic features. Previewing and inspecting geodata before loading into D3, Datawrapper, or Flourish. Batch processing via CLI for repeatable map-data pipelines.

Not for

Full GIS analysis — spatial joins with attributes, raster processing, geocoding, routing (use QGIS). Publication-ready data visualizations or choropleth maps (use Datawrapper, Flourish, or D3). Editing individual point coordinates with precision (use QGIS or geojson.io). Satellite imagery or raster data of any kind.

Security & Privacy

Encryption in transit Yes

Data is scrambled while being sent to their servers

Encryption at rest Yes

Data is scrambled when stored on their servers

Data jurisdiction Local only. All processing runs client-side in your browser. No data is sent to any server. The mapshaper.org website is a static JavaScript application — geographic data never leaves your machine.

Where servers are located — affects which governments can request your data

Security rating Strong

Mapshaper has no privacy policy because it collects no data. The web app is pure client-side JavaScript. No accounts, no cookies, no analytics, no telemetry. Your geographic data stays in your browser's memory and is discarded when you close the tab.

How to protect yourself:

No special precautions needed — data never leaves your browser. For additional assurance with sensitive geographic data (e.g., source locations, conflict zones), run Mapshaper locally via npm (npm install -g mapshaper) to eliminate any network dependency entirely. For files over ~500MB, use Firefox (handles 1GB+ shapefiles) or the CLI with mapshaper-xl to avoid Chrome's memory limits.

Client-side processing means zero data exposure — your files never touch a server. Open-source (MPL 2.0) with 3,400+ GitHub stars and transparent code on GitHub. No accounts, no tracking, no cookies, no analytics. One of the strongest privacy stories in our entire evaluation set. The only theoretical risk is a supply-chain attack via npm dependencies, which applies to any JavaScript tool — mitigated by running a pinned version locally.

Who Owns This

Owner Matthew Bloch (Graphics Editor, The New York Times)

Funding Unfunded open-source project. Built and maintained by Bloch as a personal/professional tool. No grants, no sponsors, no commercial backing. The NYT connection is relevant context — Bloch built this to solve real newsroom problems — but the Times does not fund or own the project.

Business model None. Free and open-source under MPL 2.0 license. No paid tiers, no enterprise version, no support contracts.

Known issues

Browser memory limits are real. Chrome can crash on files over ~500MB; Firefox handles up to 1GB+. Very large GeoJSON files balloon in memory because every coordinate becomes a JS array object — switch to Shapefile format or use the CLI with mapshaper-xl (allocates 8GB heap by default, configurable higher). The web UI has no undo history — destructive edits are permanent within the session. No projection/CRS transformation support in the browser UI (CLI supports -proj). Single-developer project: bus factor of one, though the codebase is clean and well-structured.

Pricing

Free

This is an editorial assessment based on publicly available information as of 2026-04-02, using our published methodology. Independent security review is pending. Security posture can change at any time. This is not a guarantee of safety.

Something wrong or outdated? Report it.