Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
wikibase-sdk
Advanced tools
A javascript tool-suite to query a Wikibase instance and simplify its results.
This package was primarily developed as wikidata-sdk
but has now being generalized to support any Wikibase instance: wikidata.org among others.
This project received a Wikimedia Project Grant.
This module uses JavaScript ES6, which means NodeJS >= v6.4.0
or not too outdated web browsers.
For older version, you can use ES5 bundles.
npm install wikibase-sdk
const wbk = require('wikibase-sdk')({
instance: 'https://my-wikibase-instan.se',
sparqlEndpoint: 'https://query.my-wikibase-instan.se/sparql'
})
The wdk
object of previous versions of this documentation - from the time this module was bound to wikidata.org only - thus corresponds to the following:
const wdk = require('wikibase-sdk')({
instance: 'https://www.wikidata.org',
sparqlEndpoint: 'https://query.wikidata.org/sparql'
})
For convenience, and for the sake of retro-compatibility, that same wdk
object can be obtain with:
// After having run `npm install wikidata-sdk`
const wdk = require('wikidata-sdk')
and instance-independant helper functions are directly available from the module root:
const { simplify, parse, isEntityId, isPropertyId, ... } = require('wikibase-sdk')
A set of functions to make read queries to a Wikibase instance API (see Wikidata API documentation). For write operations, see wikibase-edit.
There are additional functions for Wikibase instances that have a SPARQL Query Service (such as Wikidata Query for wikidata.org). SPARQL can be a weird thing at first, but the Wikidata team and community really puts lots of efforts to make things easy with a super rich Wikidata Query Help page, an awesome tool to test you queries and visualize the result, and lots of examples!
Context
This library had for primary purpose to serve the needs of the inventaire project but extending its capabilities to other needs it totally possible: feel welcome to post your suggestions as issues or pull requests!
Design constraints
wikibase-sdk
should stay "small" and dependency-free, so that a web application can include it in its bundle without paying a too high cost for it. A consequence is that the lib generates URLs where other libs would integrate doing the request and parsing it's response. But that actually feels quite right to do this way: simply generating the URLs let's users free to handle requests as they like (with callbacks, promises, async/await, whatever!)wikidata-filter
, import-wikidata-dump-to-couchdb
, and alikes — should get their own modules.We are developing and maintaining tools to work with Wikidata from NodeJS, the browser, or simply the command line, with quality and ease of use at heart. Any donation will be interpreted as a "please keep going, your work is very much needed and awesome. PS: love". Donate
Do you know inventaire.io? It's a web app to share books with your friends, built on top of Wikidata! And its libre software too.
FAQs
utils functions to query a Wikibase instance and simplify its results
The npm package wikibase-sdk receives a total of 4,462 weekly downloads. As such, wikibase-sdk popularity was classified as popular.
We found that wikibase-sdk demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.