Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
sparqlxml-parse
Advanced tools
A utility package that allows you to parse SPARQL XML results in a convenient RDF/JS-based datastructure.
For example, the following SPARQL XML result can be converted as follows:
In:
<?xml version="1.0"?>
<sparql xmlns="http://www.w3.org/2005/sparql-results#">
<head>
<variable name="book"/>
</head>
<results>
<result>
<binding name="book">
<uri>http://example.org/book/book1</uri>
</binding>
</result>
<result>
<binding name="book">
<uri>http://example.org/book/book2</uri>
</binding>
</result>
<result>
<binding name="book">
<uri>http://example.org/book/book3</uri>
</binding>
</result>
<result>
<binding name="book">
<uri>http://example.org/book/book4</uri>
</binding>
</result>
<result>
<binding name="book">
<uri>http://example.org/book/book5</uri>
</binding>
</result>
<result>
<binding name="book">
<triple>
<subject>
<uri>http://example.org/bob</uri>
</subject>
<predicate>
<uri>http://example.org/name</uri>
</predicate>
<object>
<literal datatype='http://example.org/Type'>Bob</literal>
</object>
</triple>
</binding>
</result>
</results>
</sparql>
Out:
[
{ '?book': namedNode('http://example.org/book/book1') },
{ '?book': namedNode('http://example.org/book/book2') },
{ '?book': namedNode('http://example.org/book/book3') },
{ '?book': namedNode('http://example.org/book/book4') },
{ '?book': namedNode('http://example.org/book/book5') },
{ '?book': quad(namedNode('http://example.org/bob'), namedNode('http://example.org/name'), literal('Bob', namedNode('http://example.org/Type'))) },
]
Where namedNode
is an RDF/JS named node, quad
is an RDF/JS quad/triple, and literal
is an RDF/JS literal.
This library automatically converts all SPARQL XML result values to their respective RDFJS type.
import {SparqlXmlParser} from "sparqlxml-parse";
const sparqlXmlParser = new SparqlXmlParser();
Optionally, you can provide a settings object to the constructor with optional parameters:
const sparqlXmlParser = new SparqlXmlParser({
dataFactory: dataFactory, // A custom RDFJS datafactory
prefixVariableQuestionMark: true, // If variable names in the output should be prefixed with '?', default is false.
});
If you have many query results, then a streaming-based approach
as provided by sparqlXmlParser.parseXmlResultsStream
is ideal.
const sparqlJsonResponseStream = streamifyString(`<?xml version="1.0"?>
<sparql xmlns="http://www.w3.org/2005/sparql-results#">
<head>
<variable name="book"/>
</head>
<results>
<result>
<binding name="book">
<uri>http://example.org/book/book1</uri>
</binding>
</result>
</results>
</sparql>`);
sparqlXmlParser.parseXmlResultsStream(sparqlJsonResponseStream)
.on('data', (bindings: IBindings) => console.log(bindings));
// This will output [ { '?book': namedNode('http://example.org/book/book1') } ]
Optionally, you can also retrieve the variables inside the head
as follows by listening to the variables
event:
sparqlXmlParser.parseXmlResultsStream(sparqlJsonResponseStream)
.on('variables', (variables: RDF.Variable[]) => console.log(variables))
.on('data', (bindings: IBindings) => { return; });
// This will output [ variable('book') ]
const sparqlJsonResponseStream = streamifyString(`<?xml version="1.0"?>
<sparql xmlns="http://www.w3.org/2005/sparql-results#">
<boolean>true</boolean>
</sparql>`);
sparqlXmlParser.parseXmlBooleanStream(sparqlJsonResponseStream)
.then((result: boolean) => console.log(result));
// This will output true
This software is written by Ruben Taelman.
This code is released under the MIT license.
v2.1.1 - 2023-06-05
<a name="v2.1.0"></a>
FAQs
Parses SPARQL XML query results
The npm package sparqlxml-parse receives a total of 2,083 weekly downloads. As such, sparqlxml-parse popularity was classified as popular.
We found that sparqlxml-parse demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.