Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
fetch-sparql-endpoint
Advanced tools
A simple, lightweight module to send queries to SPARQL endpoints and retrieve their results in a streaming fashion.
A simple, lightweight module to send queries to SPARQL endpoints and retrieve their results in a streaming fashion.
All results are compatible with the RDFJS specification.
All SPARQL queries are supported, such as SELECT
, ASK
, CONSTRUCT
DESCRIBE
, INSERT
, DELETE
, ...
Internally, this library supports SPARQL results in SPARQL JSON, SPARQL XML, and Turtle.
This package can be installed via npm.
$ npm install fetch-sparql-endpoint
This package also works out-of-the-box in browsers via tools such as webpack and browserify.
import {SparqlEndpointFetcher} from "fetch-sparql-endpoint";
const myFetcher = new SparqlEndpointFetcher();
Optionally, you can pass an options object with the following optional entries:
const myFetcher = new SparqlEndpointFetcher({
method: 'POST', // A custom HTTP method for issuing (non-update) queries, defaults to POST. Update queries are always issued via POST.
additionalUrlParams: new URLSearchParams({'infer': 'true', 'sameAs': 'false'}); // A set of additional parameters that well be added to fetchAsk, fetchBindings & fetchTriples requests
fetch: fetch, // A custom fetch-API-supporting function
dataFactory: DataFactory, // A custom RDFJS data factory
prefixVariableQuestionMark: false, // If variable names in bindings should be prefixed with '?', defaults to false
timeout: 5000 // Timeout for setting up server connection (Once a connection has been made, and the response is being parsed, the timeout does not apply anymore).
});
SPARQL SELECT queries returns a (promise to a) stream of bindings.
const bindingsStream = await fetcher.fetchBindings('https://dbpedia.org/sparql', 'SELECT * WHERE { ?s ?p ?o } LIMIT 100');
bindingsStream.on('data', (bindings) => console.log(bindings));
This will output bindings in the following form, where keys correspond to variables in the queries, and values and RDFJS terms:
{ s: namedNode('s1'), p: namedNode('p1'), o: namedNode('o1') }
{ s: namedNode('s2'), p: namedNode('p2'), o: namedNode('o2') }
{ s: namedNode('s3'), p: namedNode('p3'), o: namedNode('o3') }
...
Optionally, you can obtain a list of variables by listening to the 'variables'
event:
const bindingsStream = await fetcher.fetchBindings('https://dbpedia.org/sparql', 'SELECT * WHERE { ?s ?p ?o } LIMIT 100');
bindingsStream.on('data', (bindings) => console.log(bindings));
// Will print [ variable('s'), variable('p'), variable('o') ]
bindingsStream.on('variables', (variables) => console.log(variables));
SPARQL ASK queries answer with a (promise to a) boolean value.
const answer = await fetcher.fetchAsk('https://dbpedia.org/sparql', 'ASK WHERE { ?s ?p ?o }');
This will output true
or false
.
SPARQL CONSTRUCT and SPARQL DESCRIBE queries returns a (promise to a) stream of triples.
const tripleStream = await fetcher.fetchTriples('https://dbpedia.org/sparql', 'CONSTRUCT { ?s ?p ?o } LIMIT 100');
tripleStream.on('data', (triple) => console.log(triple));
This will output RDFJS triples as follows:
triple(namedNode('s1'), namedNode('p1'), namedNode('o1'))
triple(namedNode('s2'), namedNode('p2'), namedNode('o2'))
triple(namedNode('s3'), namedNode('p3'), namedNode('o3'))
...
SPARQL Update queries answer with a void promise.
await fetcher.fetchUpdate('https://dbpedia.org/sparql', 'INSERT DATA { <ex:s> <ex:p> <ex:o> }');
The await
will throw an error if the update has failed.
If you want to know the query type
in order to determine which of the above fetch methods to call,
then you can use the getQueryType
method as follows:
fetcher.getQueryType('SELECT * WHERE { ?s ?p ?o } LIMIT 100'); // Outputs 'SELECT'
fetcher.getQueryType('ASK WHERE { ?s ?p ?o }'); // Outputs 'ASK'
fetcher.getQueryType('CONSTRUCT { ?s ?p ?o } LIMIT 100'); // Outputs 'CONSTRUCT'
This method will also throw an error if the query contains a syntax error.
A command-line tool is provided to quickly query or update any SPARQL endpoint:
Usage:
fetch-sparql-endpoint Sends a query to a SPARQL endpoint
Usage:
fetch-sparql-endpoint https://dbpedia.org/sparql [-q] 'SELECT * WHERE { ?s ?p ?o } 100'
fetch-sparql-endpoint https://dbpedia.org/sparql -f query.sparql
cat query.sparql | fetch-sparql-endpoint https://dbpedia.org/sparql
Options:
-q evaluate the given SPARQL query string
-f evaluate the SPARQL query in the given file
-g send query via HTTP GET instead of POST
--help print this help message
This software is written by Ruben Taelman.
This code is released under the MIT license.
FAQs
A simple, lightweight module to send queries to SPARQL endpoints and retrieve their results in a streaming fashion.
The npm package fetch-sparql-endpoint receives a total of 2,124 weekly downloads. As such, fetch-sparql-endpoint popularity was classified as popular.
We found that fetch-sparql-endpoint demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.