Security News
Input Validation Vulnerabilities Dominate MITRE's 2024 CWE Top 25 List
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Hydra is a machine readable description for APIs. Hydra Box extends the API description with links to the actual code, which provides the API. Hydra Box will use such an API description to create an express middleware which provides the API and dynamically loads the required code for it.
Hydra-Box uses an object that implements the RDF/JS Store interface to read resources and find types of resources to identify matching operations. The resource is read using the IRI as named graph filter.
Here an example for a store on the local file system using rdf-store-fs
:
const FlatMultiFileStore = require('rdf-store-fs/FlatMultiFileStore')
const store = new FlatMultiFileStore({
baseIRI: 'http://localhost:9000/',
path: 'store'
})
An Api
object contains the dataset of the API documentation, where to find it and where to find the code.
The static method .fromFile
reads the dataset from the given file and creates an Api
object with the given options.
const api = await Api.fromFile('api.ttl', {
path: '/api',
codePath: __dirname
})
Once both objects are created, the middleware can be used:
const app = express()
app.use(hydraBox(api, store))
app.listen(9000)
The operations must implement a Express routing handler interface ((req, res, next) => {}
).
Hydra-Box adds the @rdfjs/express-handler to handle incoming and outgoing RDF data.
For GET
requests with a matching IRI Template, the .dataset()
and .quadStream()
as defined by express-handler
are also available to read the given variables.
Additionally there is a hydra
property assigned to req
that contains more data about the request:
req.hydra = {
// Api object given as argument to the middleware
api,
// RDF/JS Store object given as argument to the middleware
store,
// requested URL as RDF/JS NamedNode
term,
// the selected hydra:Operation as Graph Pointer
operation,
// resource this request is about
// This can be the requested URL for the case that a class operation is called.
// For the case that a property operation is called, this is the subject of the triple used to link to the property.
resource: {
// IRI of the resource as RDF/JS NamedNode
term,
// content of the resource read from the store as RDF/JS Dataset
dataset,
// rdf:types of the resource as @rdfjs/term-set
types
}
}
FAQs
Hydra Box middleware
The npm package hydra-box receives a total of 34 weekly downloads. As such, hydra-box popularity was classified as not popular.
We found that hydra-box demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.