Security News
Research
Supply Chain Attack on Rspack npm Packages Injects Cryptojacking Malware
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
@comunica/utils-expression-evaluator
Advanced tools
Previously called sparqlee - sparql expression evaluator. A simple spec-compliant SPARQL 1.1 expression evaluator package.
Learn more about the expression evaluator.
This module is part of the Comunica framework, and should only be used by developers that want to build their own query engine.
Click here if you just want to query with Comunica.
$ yarn add @comunica/utils-expression-evaluator
ExpressionEvaluator
: An evaluator for SPARQL expressions working with Promises.IAsyncEvaluatorContext
: Context used to configure the ExpressionEvaluator
. See Config.SyncEvaluator
: An evaluator for SPARQL expressions working without Promises.ISyncEvaluatorContext
: Context used to configure the SyncEvaluator
. See Config.AggregateEvaluator
: An evaluator for SPARQL aggregate expressions working without promises. See Aggregates.ExpressionError
: An error class for SPARQL expression errors as defined in the error section.isExpressionError
: A way to check if an error is of type ExpressionError
.orderTypes
: A function to order types according to the SPARQL ORDER BY specification.AsyncAggregateEvaluator
: An evaluator for SPARQL aggregate expressions working with promises. See Aggregates.yarn
and node
.yarn install
.package.json
):
yarn run build
SPARQL Algebra expression can be transformed to an internal representation (see AlgebraTransformer.ts). This will build objects (see expressions module) that contain all the logic and data for evaluation. After transformation, the evaluator will recursively evaluate all the expressions.
The testing environment is set up to do a lot of tests with little code.
The files responsible for fluent behaviour reside in the test/util
module.
Most tests can be run by running the runTestTable
method in utils.
This method expects a TestTable. Multiple test are run over a TestTable (one for every line).
A TestTable may contain aliases if the aliases are also provided
(Some handy aliases reside in Aliases.ts).
This means that when testing something like "3"^^xsd:integer equals "3"^^xsd:integer
is "true"^^xsd:boolean
.
We would write a small table (for this example some more tests are added) and test it like this:
import { bool, merge, numeric } from './util/Aliases';
import { Notation } from './util/TruthTable';
import { runTestTable } from './util/utils';
runTestTable({
testTable: `
3i 3i = true
3i -5i = false
-0f 0f = true
NaN NaN = false
`,
arity: 2,
operation: '=',
aliases: merge(numeric, bool),
notation: Notation.Infix,
});
More options can be provided and are explained with the type definition of the argument of runTestTable
.
We can also provide an errorTable
to the runTestTable
method.
This is used when we want to test if calling certain functions on certain arguments throws the error we want.
An example is testing whether Unknown named operator
error is thrown when
we don't provide the implementation for an extension function.
import { bool, merge, numeric } from './util/Aliases';
import { Notation } from './util/TruthTable';
import { runTestTable } from './util/utils';
runTestTable({
errorTable: `
3i 3i = 'Unknown named operator'
3i -5i = 'Unknown named operator'
-0f 0f = 'Unknown named operator'
NaN NaN = 'Unknown named operator'
`,
arity: 2,
operation: '<https://example.org/functions#equal>',
aliases: merge(numeric, bool),
notation: Notation.Infix,
});
When you don't care what the error is, you can just test for ''
.
In case the tables are too restrictive for your test, and you need an evaluation.
You should still use the generalEvaluate
function from generalEvaluation.ts.
This function will automatically run both async and sync when possible.
This increases your tests' coverage.
FAQs
A simple SPARQL expression evaluator
We found that @comunica/utils-expression-evaluator demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 5 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.
Security News
Sonar’s acquisition of Tidelift highlights a growing industry shift toward sustainable open source funding, addressing maintainer burnout and critical software dependencies.