Research
Security News
Threat Actor Exposes Playbook for Exploiting npm to Build Blockchain-Powered Botnets
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
dbpedia-entity-lookup
Advanced tools
Find entities (people, places, organizations, titles) in dbpedia.
Finds entities (people, places, organizations and titles) in dbpedia. Meant to be used with cwrc-public-entity-dialogs where it runs in the browser.
Although it will not work in node.js as-is, it does use the Fetch API for http requests, and so could likely therefore use a browser/node.js compatible fetch implementation like: isomorphic-fetch.
dbpedia supports sparql, but SPARQL has limited support for full text search. The expectation with SPARQL mostly seems to be that you know exactly what you are matching on. So, a query that exactly details the label works fine:
SELECT DISTINCT ?s WHERE {
?s ?label "The Rolling Stones"@en .
?s ?p ?o
}
We'd like, however, to match with full text search, so we can match on partial strings, variant spellings, etc. Just in the simple case above, for example, someone searching for The Rolling Stones would have to fully specify 'The Rolling Stones' and not just 'Rolling Stones'. If they left out 'The' then their query won't return the result.
There is a SPARQL CONTAINS operator that can be used within a FILTER, and that matches substrings, which is better, and CONTAINS does work with dbpedia, but the (admittedly limited) testing we did found it very slow.
There is at least one alternative to CONTAINS - REGEX - but as described here: https://www.cray.com/blog/dont-use-hammer-screw-nail-alternatives-regex-sparql/ REGEX has even worse performance than CONTAINS.
Dbpedia does, however, provide a search service: https://github.com/dbpedia/lookup
a hosted version of which can be accessed at: https://lookup.dbpedia.org/api/search/KeywordSearch?QueryClass=place&MaxResults=5&QueryString=berlin&format=json
npm i dbpedia-entity-lookup
import dbpediaLookup from 'dbpedia-entity-lookup';
where the 'query' argument is an object:
{
entity: "The name of the thing the user wants to find.",
options: "TBD"
}
and all find* methods return promises that resolve to an object like the following:
{
"queryClass": "place",
"originalQueryString": "paris",
"repository": "dbpedia",
"id": "http://dbpedia.org/resource/Paris",
"uri": "http://dbpedia.org/resource/Paris",
"uriForDisplay": "https://dbpedia.lookup.services.cwrc.ca/resource/Paris",
name: "Paris",
"description": "Paris is the capital and largest city of France. It is situated on the river Seine, in northern France, at the heart of the Île-de-Franc…",
}
There are a further four methods that are mainly made available to facilitate testing (to make it easier to mock calls to the dbpedia service):
where the 'query' argument is the entity name to find and the methods return the dbpedia URL that in turn returns results for the query.
CWRC-Writer-Dev-Docs describes general development practices for CWRC-Writer GitHub repositories, including this one.
We use Travis.
We follow SemVer, which Semantic Release makes easy. Semantic Release also writes our commit messages, sets the version number, publishes to NPM, and finally generates a changelog and a release (including a git tag) on GitHub.
FAQs
Find entities (people, places, organizations, titles) in dbpedia.
The npm package dbpedia-entity-lookup receives a total of 2 weekly downloads. As such, dbpedia-entity-lookup popularity was classified as not popular.
We found that dbpedia-entity-lookup demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.