Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
The jsonld package is a JavaScript library for working with JSON-LD, a JSON-based format for representing linked data. It provides tools for transforming JSON-LD documents, compacting, expanding, and framing data, and converting between JSON-LD and other RDF serializations.
Compacting
Compacting a JSON-LD document means transforming it into a more compact form using a context. This is useful for reducing the size of the data and making it easier to read.
const jsonld = require('jsonld');
const doc = {
"@context": {
"name": "http://schema.org/name",
"homepage": {
"@id": "http://schema.org/url",
"@type": "@id"
}
},
"name": "Manu Sporny",
"homepage": "http://manu.sporny.org/"
};
const context = {
"name": "http://schema.org/name",
"url": "http://schema.org/url"
};
jsonld.compact(doc, context).then(compacted => {
console.log(JSON.stringify(compacted, null, 2));
});
Expanding
Expanding a JSON-LD document means transforming it into a fully expanded form where all terms are expressed in their full IRI form. This is useful for processing data in a more uniform way.
const jsonld = require('jsonld');
const doc = {
"@context": {
"name": "http://schema.org/name",
"homepage": {
"@id": "http://schema.org/url",
"@type": "@id"
}
},
"name": "Manu Sporny",
"homepage": "http://manu.sporny.org/"
};
jsonld.expand(doc).then(expanded => {
console.log(JSON.stringify(expanded, null, 2));
});
Framing
Framing a JSON-LD document allows you to extract a specific subgraph of the data, organized according to a frame. This is useful for extracting and presenting data in a specific structure.
const jsonld = require('jsonld');
const doc = {
"@context": {
"name": "http://schema.org/name",
"homepage": {
"@id": "http://schema.org/url",
"@type": "@id"
}
},
"@graph": [
{
"@id": "_:b0",
"name": "Manu Sporny",
"homepage": "http://manu.sporny.org/"
}
]
};
const frame = {
"@context": {
"name": "http://schema.org/name",
"homepage": {
"@id": "http://schema.org/url",
"@type": "@id"
}
},
"@type": "http://schema.org/Person"
};
jsonld.frame(doc, frame).then(framed => {
console.log(JSON.stringify(framed, null, 2));
});
rdflib is a library for working with RDF data in JavaScript. It provides similar functionalities to jsonld, such as parsing and serializing RDF data, but it is more focused on RDF in general rather than specifically on JSON-LD. It is a more comprehensive library for RDF data manipulation.
rdf-ext is a modular and extensible library for working with RDF data in JavaScript. It provides a set of tools for parsing, serializing, and manipulating RDF data. While it supports JSON-LD, it is designed to work with various RDF formats and provides a more flexible approach to RDF data handling compared to jsonld.
This library is an implementation of the JSON-LD specification in JavaScript.
JSON, as specified in RFC7159, is a simple language for representing objects on the Web. Linked Data is a way of describing content across different documents or Web sites. Web resources are described using IRIs, and typically are dereferencable entities that may be used to find more information, creating a "Web of Knowledge". JSON-LD is intended to be a simple publishing method for expressing not only Linked Data in JSON, but for adding semantics to existing JSON.
JSON-LD is designed as a light-weight syntax that can be used to express Linked Data. It is primarily intended to be a way to express Linked Data in JavaScript and other Web-based programming environments. It is also useful when building interoperable Web Services and when storing Linked Data in JSON-based document storage engines. It is practical and designed to be as simple as possible, utilizing the large number of JSON parsers and existing code that is in use today. It is designed to be able to express key-value pairs, RDF data, RDFa data, Microformats data, and Microdata. That is, it supports every major Web-based structured data model in use today.
The syntax does not require many applications to change their JSON, but easily add meaning by adding context in a way that is either in-band or out-of-band. The syntax is designed to not disturb already deployed systems running on JSON, but provide a smooth migration path from JSON to JSON with added semantics. Finally, the format is intended to be fast to parse, fast to generate, stream-based and document-based processing compatible, and require a very small memory footprint in order to operate.
This library aims to conform with the following:
The JSON-LD Working Group is now developing JSON-LD 1.1. Library updates to conform with newer specifications will happen as features stabilize and development time and resources permit.
The test runner is often updated to note or skip newer tests that are not yet supported.
npm install jsonld
const jsonld = require('jsonld');
npm install jsonld
Use your favorite bundling technology (webpack, Rollup, etc) to
directly bundle your code that loads jsonld
. Note that you will need support
for ES2017+ code.
The built npm package includes bundled code suitable for use in browsers. Two versions are provided:
./dist/jsonld.min.js
: A version built for wide compatibility with modern
and older browsers. Includes many polyfills and code transformations and is
larger and less efficient../dist/jsonld.esm.min.js
: A version built for features available in
browsers that support ES Modules. Fewer polyfills and transformations are
required making the code smaller and more efficient.The two bundles can be used at the same to to allow modern browsers to use
newer code. Lookup using script
tags with type="module"
and nomodule
.
Also see the webpack.config.js
if you would like to make a custom bundle for
specific targets.
npm install jsonld
Use your favorite technology to load node_modules/dist/jsonld.min.js
.
To use CDNJS include this script tag:
<script src="https://cdnjs.cloudflare.com/ajax/libs/jsonld/1.0.0/jsonld.min.js"></script>
Check https://cdnjs.com/libraries/jsonld for the latest available version.
To use jsDeliver include this script tag:
<script src="https://cdn.jsdelivr.net/npm/jsonld@1.0.0/dist/jsonld.min.js"></script>
See https://www.jsdelivr.com/package/npm/jsonld for the latest available version.
To use unpkg include this script tag:
<script src="https://unpkg.com/jsonld@1.0.0/dist/jsonld.min.js"></script>
See https://unpkg.com/jsonld/ for the latest available version.
jspm install npm:jsonld
import * as jsonld from 'jsonld';
// or
import {promises} from 'jsonld';
// or
import {JsonLdProcessor} from 'jsonld';
For specialized use cases there is an optional rdf-canonize-native package
available which provides a native implementation for canonize()
. It is used
by installing the package and setting the useNative
option of canonize()
to
true
. Before using this mode it is highly recommended to run benchmarks
since the JavaScript implementation is often faster and the bindings add
toolchain complexity.
npm install jsonld
npm install rdf-canonize-native
Example data and context used throughout examples below:
const doc = {
"http://schema.org/name": "Manu Sporny",
"http://schema.org/url": {"@id": "http://manu.sporny.org/"},
"http://schema.org/image": {"@id": "http://manu.sporny.org/images/manu.png"}
};
const context = {
"name": "http://schema.org/name",
"homepage": {"@id": "http://schema.org/url", "@type": "@id"},
"image": {"@id": "http://schema.org/image", "@type": "@id"}
};
// compact a document according to a particular context
const compacted = await jsonld.compact(doc, context);
console.log(JSON.stringify(compacted, null, 2));
/* Output:
{
"@context": {...},
"name": "Manu Sporny",
"homepage": "http://manu.sporny.org/",
"image": "http://manu.sporny.org/images/manu.png"
}
*/
// compact using URLs
const compacted = await jsonld.compact(
'http://example.org/doc', 'http://example.org/context', ...);
// expand a document, removing its context
const expanded = await jsonld.expand(compacted);
/* Output:
{
"http://schema.org/name": [{"@value": "Manu Sporny"}],
"http://schema.org/url": [{"@id": "http://manu.sporny.org/"}],
"http://schema.org/image": [{"@id": "http://manu.sporny.org/images/manu.png"}]
}
*/
// expand using URLs
const expanded = await jsonld.expand('http://example.org/doc', ...);
// flatten a document
const flattened = await jsonld.flatten(doc);
// output has all deep-level trees flattened to the top-level
// frame a document
const framed = await jsonld.frame(doc, frame);
// output transformed into a particular tree structure per the given frame
// canonize (normalize) a document using the RDF Dataset Canonicalization Algorithm
// (URDNA2015):
const canonized = await jsonld.canonize(doc, {
algorithm: 'URDNA2015',
format: 'application/n-quads'
});
// canonized is a string that is a canonical representation of the document
// that can be used for hashing, comparison, etc.
// serialize a document to N-Quads (RDF)
const nquads = await jsonld.toRDF(doc, {format: 'application/n-quads'});
// nquads is a string of N-Quads
// deserialize N-Quads (RDF) to JSON-LD
const doc = await jsonld.fromRDF(nquads, {format: 'application/n-quads'});
// doc is JSON-LD
// register a custom synchronous RDF parser
jsonld.registerRDFParser(contentType, input => {
// parse input to a jsonld.js RDF dataset object... and return it
return dataset;
});
// register a custom promise-based RDF parser
jsonld.registerRDFParser(contentType, async input => {
// parse input into a jsonld.js RDF dataset object...
return new Promise(...);
});
// how to override the default document loader with a custom one -- for
// example, one that uses pre-loaded contexts:
// define a mapping of context URL => context doc
const CONTEXTS = {
"http://example.com": {
"@context": ...
}, ...
};
// grab the built-in Node.js doc loader
const nodeDocumentLoader = jsonld.documentLoaders.node();
// or grab the XHR one: jsonld.documentLoaders.xhr()
// change the default document loader
const customLoader = async (url, options) => {
if(url in CONTEXTS) {
return {
contextUrl: null, // this is for a context via a link header
document: CONTEXTS[url], // this is the actual document that was loaded
documentUrl: url // this is the actual context URL after redirects
};
}
// call the default documentLoader
return nodeDocumentLoader(url);
};
jsonld.documentLoader = customLoader;
// alternatively, pass the custom loader for just a specific call:
const compacted = await jsonld.compact(
doc, context, {documentLoader: customLoader});
It is recommended to set a default user-agent
header for Node.js
applications. The default for the default Node.js document loader is
jsonld.js
.
A common use case is to avoid JSON-LD constructs that will result in lossy
behavior. The JSON-LD specifications have notes about when data is dropped.
This can be especially important when calling [canonize
][] in order to
digitally sign data. A special "safe mode" is available that will detect these
situations and cause processing to fail.
Note: This mode is designed to be the common way that digital signing and similar applications use this library.
The safe
options flag set to true
enables this behavior:
// expand a document in safe mode
const expanded = await jsonld.expand(data, {safe: true});
This library includes a sample testing utility which may be used to verify that changes to the processor maintain the correct output.
The main test suites are included in external repositories. Check out each of the following:
https://github.com/w3c/json-ld-api
https://github.com/w3c/json-ld-framing
https://github.com/json-ld/json-ld.org
https://github.com/w3c/rdf-canon
They should be sibling directories of the jsonld.js directory or in a
test-suites
dir. To clone shallow copies into the test-suites
dir you can
use the following:
npm run fetch-test-suites
Node.js tests can be run with a simple command:
npm test
If you installed the test suites elsewhere, or wish to run other tests, use
the TESTS
environment var:
TESTS="/tmp/org/test-suites /tmp/norm/tests" npm test
This feature can be used to run the older json-ld.org test suite:
TESTS=/tmp/json-ld.org/test-suite npm test
Browser testing can be done with Karma:
npm run test-karma
npm run test-karma -- --browsers Firefox,Chrome
Code coverage of node tests can be generated in coverage/
:
npm run coverage
To display a full coverage report on the console from coverage data:
npm run coverage-report
The Mocha output reporter can be changed to min, dot, list, nyan, etc:
REPORTER=dot npm test
Remote context tests are also available:
# run the context server in the background or another terminal
node tests/remote-context-server.js
TESTS=`pwd`/tests npm test
To generate EARL reports:
# generate the EARL report for Node.js
EARL=earl-node.jsonld npm test
# generate the EARL report for the browser
EARL=earl-firefox.jsonld npm run test-karma -- --browser Firefox
To generate an EARL report with the json-ld-api
and json-ld-framing
tests
as used on the official JSON-LD Processor Conformance page
TESTS="`pwd`/../json-ld-api/tests `pwd`/../json-ld-framing/tests" EARL="jsonld-js-earl.jsonld" npm test
The EARL .jsonld
output can be converted to .ttl
using the rdf tool:
rdf serialize jsonld-js-earl.jsonld --output-format turtle -o jsonld-js-earl.ttl
Optionally follow the report instructions to generate the HTML report for inspection. Maintainers can submit updated results as needed.
Benchmarks can be created from any manifest that the test system supports. Use a command line with a test suite and a benchmark flag:
TESTS=/tmp/benchmark-manifest.jsonld BENCHMARK=1 npm test
EARL reports with benchmark data can be generated with an optional environment details:
TESTS=`pwd`/../json-ld.org/benchmarks/b001-manifiest.jsonld BENCHMARK=1 EARL=earl-test.jsonld TEST_ENV=1 npm test
See tests/test.js
for more TEST_ENV
and BENCHMARK
control and options.
These reports can be compared with the benchmarks/compare/
tool and at the
JSON-LD Benchmarks site.
jsonld
that exposes
most of the basic jsonld.js API.The source code for the JavaScript implementation of the JSON-LD API is available at:
https://github.com/digitalbazaar/jsonld.js
Commercial support for this library is available upon request from Digital Bazaar: support@digitalbazaar.com
FAQs
A JSON-LD Processor and API implementation in JavaScript.
The npm package jsonld receives a total of 114,686 weekly downloads. As such, jsonld popularity was classified as popular.
We found that jsonld demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 5 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.