Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
org.webjars.npm:comunica__context-entries
Advanced tools
A knowledge graph querying framework for JavaScript
Flexible SPARQL and GraphQL over decentralized RDF on the Web.
Learn more about Comunica on our website.
Comunica is an open-source project that is used by many other projects, and is being maintained by a group of volunteers. If you would like to support this project, you may consider:
Comunica is a community-driven project, sustained by the Comunica Association. If you are using Comunica, becoming a sponsor or member is a way to make Comunica sustainable in the long-term.
Our top sponsors are shown below!
Read one of our guides to get started with querying:
Or jump right into one of the available query engines:
Source Customisation
Solid Customisation
Link Traversal Research
Reasoning Support
Read one of our guides to get started with modifying Comunica, or have a look at some examples:
Interested in contributing? Have a look at our contribution guide.
(JSDoc: https://comunica.github.io/comunica/)
This repository should be used by Comunica module developers as it contains multiple Comunica modules that can be composed. This repository is managed as a monorepo using Lerna.
If you want to develop new features or use the (potentially unstable) in-development version, you can set up a development environment for Comunica.
Comunica requires Node.JS 8.0 or higher and the Yarn package manager. Comunica is tested on OSX, Linux and Windows.
This project can be setup by cloning and installing it as follows:
$ git clone https://github.com/comunica/comunica.git
$ cd comunica
$ yarn install
Note: npm install
is not supported at the moment, as this project makes use of Yarn's workspaces functionality
This will install the dependencies of all modules, and bootstrap the Lerna monorepo.
After that, all Comunica packages are available in the packages/
folder
and can be used in a development environment, such as querying with Comunica SPARQL (@comunica/query-sparql
).
Furthermore, this will add pre-commit hooks
to build, lint and test.
These hooks can temporarily be disabled at your own risk by adding the -n
flag to the commit command.
If you want to do benchmarking with Comunica in Node.js, make sure to run Node.js in production mode as follows:
> NODE_ENV=production node packages/some-package/bin/some-bin.js
The reason for this is that Comunica extensively generates
internal Error
objects.
In non-production mode, these also produce long stacktraces,
which may in some cases impact performance.
If you are using or extending Comunica as part of a scientific publication, we would appreciate a citation of our article.
@inproceedings{taelman_iswc_resources_comunica_2018,
author = {Taelman, Ruben and Van Herwegen, Joachim and Vander Sande, Miel and Verborgh, Ruben},
title = {Comunica: a Modular SPARQL Query Engine for the Web},
booktitle = {Proceedings of the 17th International Semantic Web Conference},
year = {2018},
month = oct,
url = {https://comunica.github.io/Article-ISWC2018-Resource/}
}
This code is copyrighted by the Comunica Association and Ghent University – imec and released under the MIT license.
FAQs
WebJar for @comunica/context-entries
We found that org.webjars.npm:comunica__context-entries demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.