Security News
NVD Backlog Tops 20,000 CVEs Awaiting Analysis as NIST Prepares System Updates
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
@accordproject/concerto-core
Advanced tools
Concerto is a lightweight 100% JavaScript schema language and runtime. It works in both a Node.js process and in your browser. The browserified version of Concerto is ±280KB. We are working on making it even smaller.
Things you can do using Concerto:
npm install @accordproject/concerto --save
namespace org.acme.address
/**
* This is a concept
*/
concept PostalAddress {
o String streetAddress optional
o String postalCode optional
o String postOfficeBoxNumber optional
o String addressRegion optional
o String addressLocality optional
o String addressCountry optional
}
const ModelManager = require('@accordproject/concerto').ModelManager;
const modelManager = new ModelManager();
modelManager.addModelFile( concertoFileText, 'filename.cto');
const Factory = require('@accordproject/concerto').Factory;
const factory = new Factory(modelManager);
const postalAddress = factory.newConcept('org.acme.address', 'PostalAddress');
postalAddress.streetAddress = '1 Maine Street';
const Serializer = require('@accordproject/concerto').Serializer;
const serializer = new Serializer(factory, modelManager);
const plainJsObject = serializer.toJSON(postalAddress); // instance will be validated
console.log(JSON.stringify(plainJsObject, null, 4);
const postalAddress = serializer.fromJSON(plainJsObject); // JSON will be validated
console.log(postalAddress.streetAddress);
The Concerto metamodel contains:
namespace foo
Every Concerto file starts with the name of a single namespace. All the definitions within a single file therefore belong to the same namespace. The ModelManager
will refuse to load two model files that have the same namespace.
To reference types defined in one namespace in another namespace the types must be imported.
Imports can either be qualified, or can use wildcards.
import org.accordproject.address.PostalAddress
import org.accordproject.address.*
Imports can also use the optional from
declaration to import a model files that has been deployed to a URL.
import org.accordproject.address.PostalAddress from https://models.accordproject.org/address.cto
Imports that use a from
declaration can be downloaded into the model manager by calling modelManager.updateExternalModels
.
The Model Manager will resolve all imports to ensure that the set of declarations that have been loaded are globally consistent.
Concepts are similar to class declarations in most object-oriented languages, in that they may have a super-type and a set of typed properties:
abstract concept Animal {
o DateTime dob
}
concept Dog extends Animal {
o String breed
}
A concept can be declared abstract
is it should not be instantiated (must be subclassed).
An asset is a class declaration that has a single String
property that acts as an identifier. Use the modelManager.getAssetDeclarations
API to look up all assets.
asset Vehicle identified by vin {
o String vin
}
Assets are typically used in your models for the long-lived identifiable Things (or nouns) in the model: cars, orders, shipping containers, products etc.
An participant is a class declaration that has a single String
property that acts as an identifier. Use the modelManager.getParticipantDeclarations
API to look up all participants.
participant Customer identified by email {
o String email
}
Participants are typically used in your models for the identifiable people or organizations in the model: person, customer, company, business, auditor etc.
An transaction is a class declaration that has a single String
property that acts as an identifier. Use the modelManager.getTransactionDeclarations
API to look up all transactions.
transaction Order identified by orderId {
o String orderId
}
Transactions are typically used in your models for the identifiable business events or messages that are submitted by Participants to change the state of Assets: cart check out, change of address, identity verification, place order etc.
Use enumerations to capture lists of domain values.
enum Gender {
o MALE
o FEMALE
o OTHER
o UNKNOWN
}
Class declarations contain properties. Each property has a type which can either be a type defined in the same namespace, an imported type or a primitive type.
Concerto supports the following primitive types:
String fields may include an optional regular expression, which is used to validate the contents of the field. Careful use of field validators allows Concerto to perform rich data validation, leading to fewer errors and less boilerplate application code.
The example below declares that the Farmer participant contains a field postcode that must conform to the regular expression for valid UK postcodes.
participant Farmer extends Participant {
o String firstName default="Old"
o String lastName default="McDonald"
o String address1
o String address2
o String county
o String postcode regex=/(GIR 0AA)|((([A-Z-[QVf]][0-9][0-9]?)|(([A-Z-[QVf]][A-Z-[IJZ]][0-9][0-9]?)|(([A-Z-[QVf]][0-9][A-HJKPSTUW])|([A-Z-[QVf]][A-Z-[IJZ]][0-9][ABEHMNPRVWfY])))) [0-9][A-Z-[CIKMOV]]{2})/
}
Double, Long or Integer fields may include an optional range expression, which is used to validate the contents of the field.
The example below declared that the Vehicle asset has an Integer field year which defaults to 2016 and must be 1990, or higher. Range expressions may omit the lower or upper bound if checking is not required.
asset Vehicle extends Base {
// An asset contains Fields, each of which can have an optional default value
o String model default="F150"
o String make default="FORD"
o String reg default="ABC123"
// A numeric field can have a range validation expression
o Integer year default=2016 range=[1990,] optional // model year must be 1990 or higher
o Integer[] integerArray
o State state
o Double value
o String colour
o String V5cID regex=/^[A-z][A-z][0-9]{7}/
o String LeaseContractID
o Boolean scrapped default=false
o DateTime lastUpdate optional
--> Participant owner //relationship to a Participant, with the field named 'owner'.
--> Participant[] previousOwners optional // Nary relationship
o Customer customer
}
A property of a class may be declared as a relationship using the -->
syntax instead of the o
syntax. The o
syntax declares that the class contains (has-a) property of that type, whereas the -->
syntax declares a typed pointer to an external identifiable instance.
This model declares that an Order
has-an array of OrderLine
concepts. When the Order
is deleted all the OrderLines
will also be deleted.
concept OrderLine {
o String sku
}
asset Order identified by orderId {
o String orderId
o OrderLine[] orderlines
}
Whereas this model declares that an Order
has-an array of reference to OrderLine
s. Deleting the Order
has no impact on the OrderLine
. When the Order
is serialized the JSON only the IDs of the OrderLines
are stored within the Order
, not the OrderLines
themselves.
asset OrderLine identified by orderLineId {
o String orderLineId
o String sku
}
asset Order identified by orderId {
o String orderId
--> OrderLine[] orderlines
}
A relationship is a tuple composed of:
The namespace of the type being referenced The type name of the type being referenced The identifier of the instance being referenced
Hence a relationship could be to: org.example.Vehicle#123456
This would be a relationship to the Vehicle
type declared in the org.example
namespace with the identifier 123456
.
Relationships are unidirectional and deletes do not cascade, ie. removing the relationship has no impact on the thing that is being pointed to. Removing the thing being pointed to does not invalidate the relationship.
Relationships must be resolved to retrieve an instance of the object being referenced. The act of resolution may result in null, if the object no longer exists or the information in the relationship is invalid. Resolution of relationships is outside of the scope of the Model Manager.
Model elements may have arbitrary decorators (aka annotations) placed on them. These are available via API and can be useful for tools to extend the model.
@foo("arg1", 2)
asset Order identified by orderId {
o String orderId
}
Decorators have an arbitrary number of arguments. They support arguments of type:
Resource definitions and properties may be decorated with 0 or more decorations. Note that only a single instance of a decorator is allowed on each element type. I.e. it is invalid to have the @bar decorator listed twice on the same element.
Decorators are accessible at runtime via the ModelManager
introspect APIs. This allows tools and utilities to use Concerto to describe a core model, while decorating it with sufficient metadata for their own purposes.
The example below retrieves the 3rd argument to the foo decorator attached to the myField property of a class declaration:
const val = myField.getDecorator('foo').getArguments()[2];
Accord Project source code files are made available under the Apache License, Version 2.0. Accord Project documentation files are made available under the Creative Commons Attribution 4.0 International License (CC-BY-4.0).
Copyright 2018-2019 Clause, Inc. All trademarks are the property of their respective owners. See LF Projects Trademark Policy.
FAQs
Core Implementation for the Concerto Modeling Language
The npm package @accordproject/concerto-core receives a total of 1,776 weekly downloads. As such, @accordproject/concerto-core popularity was classified as popular.
We found that @accordproject/concerto-core demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.
Security News
PyPI now supports digital attestations, enhancing security and trust by allowing package maintainers to verify the authenticity of Python packages.