Research
Security News
Threat Actor Exposes Playbook for Exploiting npm to Build Blockchain-Powered Botnets
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
@valueflows/vf-graphql
Advanced tools
Reference GraphQL implementation of the ValueFlows spec
This is to help synchronize the projects using VF for a graphql interface between client and server. It includes the VF specification, plus recommended vocabulary specification not part of the rdf-based VF spec but needed for all VF based implementations of economic software (for example Agent, Person, Organization, note, image). It also includes recommended inverse relationship naming, which is particularly useful in graphql implementations.
To implement a system gateway compatible with the ValueFlows spec, you will need to define the following:
makeExecutableSchema
along with the schema
definition exported by this moduleDateTime
& DateInterval
typesFor a more detailed example, see the project in ./mock-server/
.
npm i -g yarn
using the version of node you plan on developing this project against (for recommended, see .nvmrc
). You can setup your modules manually using npm link
if you prefer, but Yarn's workspaces feature will save you a lot of time.yarn
from the top level folder of this repository to install and wire up all dependencies.See scripts
in package.json
for the available commands. For quickly spinning up the full system, you should usually be able to simply run npm start
. This will load up:
http://localhost:3000/graphql
which you can use to test queries against a mock GraphQL API derived from the schema.http://localhost:3000/viewer
which shows an interactive visual representation useful for exploring the schema.The recommended way to contribute to this repo is via the npm run dev:schema
command (also run as part of npm start
). This will watch the code for changes and build & run tests every time you save a file. It's best to do it this way as the errors from the GraphQL parser can be hard to track down- more frequent feedback means you will catch any errors sooner.
The lib/
directory contains all source of the reference schema & validation helpers:
index.js
is the main entrypoint to the module, used by other packages wishing to validate schemas against the spec.typeDefs.js
contains only the schemas themselves (as strings); packages wishing to implement APIs using the reference spec can reference this file instead of the main module entrypoint to skip some initialisation logic only needed for validation.tests/
contains tests for ensuring the schemas compile successfully.schemas/
contains the actual GraphQL schema definition files. These are the files you should edit.build/
and index.d.ts
are generated from the schema files, using helper code in lib/scripts/
.lib/package.json
& commit to the repositorynpm run publish
from this directoryorigin
Released under an Apache 2.0 license.
FAQs
Reference GraphQL implementation of the ValueFlows spec
The npm package @valueflows/vf-graphql receives a total of 4 weekly downloads. As such, @valueflows/vf-graphql popularity was classified as not popular.
We found that @valueflows/vf-graphql demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.